While InsightIDR excels at surfacing unknown attacks, it will also help you face a known challenge: demonstrating compliance across your security program. This includes audit logging and log management (e.g. PCI Requirement 10), user monitoring (e.g. NIST CSF Detect), and now, file integrity monitoring (FIM), a control mandated across PCI, HIPAA, and GDPR.
Once you deploy the included Insight Agent to your critical assets, you can activate file integrity monitoring to flag any changes to any specified files or directories on that endpoint.
Track changes around: critical system files (system and executable files); content files that contain card data and personally identifiable information (PII); configuration files for critical applications; digital key and credential files for secure authentication and authorization; and historical and archived log and audit files.
While HIPAA is not as prescriptive around FIM, it requires the implementation of policies and tech to safeguard Protected Health Information (PHI) from alteration and destruction.
You can use InsightIDR to help monitor items like: ePHI files/databases, system and application executables, configuration files, and log/SIEM audit files.
Similar to the above, GDPR requires the protection of personal data files and applications. Use FIM in InsightIDR to monitor the critical config, system, and key/credential files that power your personal data applications.
If an adversary is tampering with critical files, they already have internal access to your network, and are deep in their ATT&CK chain. That’s why InsightIDR uses a combination of user behavior analytics, threat intelligence, and community sharing to ensure you find signs of compromise much, much earlier. Unlike standalone approaches to file integrity monitoring, if you get an alert, you’ll also have valuable context around the users and assets involved, helping you prioritize and assess severity immediately.