Driving Trust at Scale: How Keyloop Streamlined Security with Rapid7

When customers buy a car across 65 countries, chances are they’re interacting with Keyloop - an industry leader in dealer management software. Keyloop supports the full customer lifecycle from vehicle sales to servicing, operating across Europe, North America, the Middle East, and Asia Pacific. With this global reach comes complexity: inherited systems from acquisitions, a hybrid environment spanning cloud and on-prem, and evolving compliance expectations from increasingly security-savvy clients.

For Alan Simpson, Senior Security Operations Manager, securing this diverse environment is about more than ticking boxes - it’s about building trust.

From complexity to clarity

Keyloop’s modern IT environment includes cloud workloads, legacy systems, and a hybrid workforce. That complexity introduced challenges in visibility, risk management, and customer assurance.

“We’re night and day better than where we were four years ago,” Alan said, while noting a shift in customer expectations. “Our customers are asking really good questions of us, as they should. There’s a really big push on compliance and making sure we’re giving the right information so they can have trust in us.”

Cyber asset management became a particular focus area. “We only know what we know,” Alan said. “With such a diverse estate, understanding what everything looks like is key.”

Finding the right fit

Alan first encountered Rapid7 while building out the InfoSec function at insurance company Liverpool Victoria. Even then, he was looking for more than a traditional MSSP.

“There wasn’t any proactiveness. It was a box-ticking exercise,” he said. “We wanted more out of a partner.”

At Keyloop, Alan evaluated multiple MDR vendors before making the switch. The company was also running into limitations with its existing SIEM platform. “Splunk was very expensive.. We wanted a more predictable model and to not have to make compromises.” 

Transitioning onto Rapid7’s next-gen SIEM, the team’s window into the MDR service, was easier knowing that there were no limits to the data they could ingest. With unlimited incident response built into the service, there were no surprise costs and no compromises coming Keyloop’s way.

Keyloop ultimately selected Rapid7 as its provider in 2024, and has since moved into an enterprise agreement - giving them broad access to managed detection and response, vulnerability management, and digital risk protection under one unified contract. “Platforming with Rapid7 rather than having a lot of point solutions has really been beneficial to us,” Alan said.
The unified approach has provided greater visibility across their environment, reduced operational complexity, and helped lower the total cost of ownership by eliminating tool sprawl.

Closing gaps with digital risk protection

One of the biggest wins has come from an area many organizations struggle to monitor: digital risk.

“Actually, it’s been the managed digital risk piece, because that was a big gap for us,” Alan said. “We’ve probably all had the question from the exec, like, ‘What about the dark web?’ That kind of thing.”

Previously, Keyloop lacked the in-house resources to track dark web activity effectively. Rapid7 changed that.
“During the proof of concept, I think it was 8,000 alerts that came in, and eight were passed onto the team to investigate. That reduction brought the noise way down.”

The result? Earlier threat visibility, stronger brand protection, and higher customer confidence.
“Customers saw that we were watching for these threats and reaching out proactively,” said Alan. “It increased trust and helped us demonstrate capability.”

Prioritizing what matters

Rapid7’s risk-based vulnerability management approach helped Keyloop move faster and communicate more clearly across the business.

“Active Risk Score was really good for us in terms of executive reporting,” Alan said. “We can go as granular or high level as we want - just a snapshot across the org to see if we’re moving in the right direction.”
Active Risk scoring gave Keyloop the confidence to focus on what truly matters- not just existing vulnerabilities, but ones that pose the greatest potential for business disruption. By aligning security priorities with real-world risk, the team could act faster and report with greater clarity.

As compensating controls become more integrated into the platform, Alan sees even greater value ahead. “We don’t want to manually do that work for every system and vulnerability.”
By automatically factoring in existing protections, the platform reduces the need for manual workarounds, enables smarter prioritization, and accelerates response. It’s another step toward helping the team focus on what matters most and act faster when it counts.

Looking ahead: mapping the data

The next major challenge for Keyloop is mastering data management—particularly around flow, ownership, and classification.

“Our customers are asking us, where is my data? What does the data flow look like?” Alan said. “That’s the next big thing for us.”

To tackle it, the team is combining capabilities across their multicloud environments and security tools. Exposure Command will help Keyloop identify all their vulnerable AWS assets, and combine with  Purview in Microsoft E5 to do the same with Azure. Alan explained, “The main points are the process, the understanding, the ownership of that data.”

The value of true partnership

For Alan, the real differentiator wasn’t just the tooling - it was the relationship.

“Why Rapid7? It’s the technology and the people. That’s the core point. It’s a true partnership,” he said. “A lot of vendors say they want to be a partner, but then as soon as you sign the deal, you start getting forgotten about.”

Even as a mid-sized customer, Keyloop receives enterprise-level support.
“We’re not the biggest customer in terms of spend or estate, but we always get treated very well and have the time available to us.”

That level of service is anchored by a dedicated Cybersecurity Advisor - a single point of contact who helps connect managed services across technology, people, and process.
“Everything can be integrated together, not just from a technology perspective but from a people and process perspective as well,” Alan said.
“We get more benefit out of that type of relationship and we avoid any risk of complacency.” Rapid7 is there for that.