When using cloud services, it’s common to be overwhelmed with what to do with the large volume of threat signals you receive from a heterogeneous set of sources. Without being able to decipher the signals from noise, it’s difficult to identify true risk and act on it in a timely fashion.
DivvyCloud by Rapid7 delivers a unified approach to monitoring and responding to threats to your cloud accounts and workloads across multiple clouds, and makes it easy to implement automation that reduces remediation and recovery time.
To deliver threat protection, DivvyCloud by Rapid7 integrates with native Cloud Service Provider (CSP) services (e.g., Amazon GuardDuty) and other partners (e.g., Tenable) for best-in-class, intelligent threat detection that continuously monitors for malicious activity and unauthorized behavior. These services use machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats. You will be able to detect crypto-currency mining, credential compromise behavior, communication with known command-and-control servers, and API calls from known malicious IP addresses.
When a threat is identified, DivvyCloud by Rapid7 can perform automated remediation actions including reconfiguring cloud services, making changes to cloud infrastructure, driving human-centered workflows with integration into systems like ServiceNow and Jira, and orchestrating workflow actions in other security and management systems.