Christina Galligan, Director of Cybersecurity Operations at Rackspace, knows that trust and confidence is core to everything her team does. She describes why they chose to partner with Rapid7, and how vulnerability assessment has been an evolutionary journey for her team with InsightVM, Metasploit, and InsightAppSec. Learn how the Rackspace team collaborated with Rapid7 to develop features in InsightVM like the endpoint agent, container assessment, and more.
I am Christina Galligan. I work at Rackspace. So I lead the threat and vulnerability analysis team. We do vulnerability assessment, red teaming, and threat intelligence for internal Rackspace and we also support the customer security operation center for vulnerability assessment.Show more Show less
So my team uses a suite of Rapid7 products, including InsightVM, Metasploit, and InsightAppSec. At Rackspace, security is really important. So trust and confidence is really kind of the basis of what we do. So security really adds to that, right, so if you're a customer at Rackspace, you have to know that when you put your data on our platform, or you chose to interact with us, that we're going to keep your data secure, that we're going to make sure that we protect it as if it's our own.
Vulnerability analysis and vulnerability management at Rackspace, I think, it's been a evolutionary story for us. So, a few years ago when we didn't have Rapid7 on board, we were quantifying our vulnerabilities in a different way. Now, we're able to more quickly report and really remediate faster. So it allows us to get the data into the hands of the people that need it.
From an adoption perspective, as soon as we introduced the platform to the team, they were really excited about it and really jazzed about it seemed like kind of a land of infinite possibilities. In terms of of the flexibility that provided, that we weren't seeing with other products.
So, before we went to Rapid7 we did evaluate some other vulnerability assessment products and other vendors. There was two differentiators that stood out with Rapid7. So one was just the level of API integration and automation that we felt like it would enable. We were a small team at the time, and so it was really important that we're able to automate as much as possible. And really the other one was support.
Tickets get answered, and they don't just get answered, but they get answered really comprehensively and so first pass yield is really high with being able to remedy the issue or really being able to answer questions for us.
We love to be involved in any program that the vendor offers where we can provide feedback and really be kind of driving the roadmap. I think one thing we really liked about Rapid7 when we looked at them, and as we do check-ins is that features that are discussed on the roadmap are developed on the roadmap.
I think a lot of times what's being released by Rapid7, so containers and agents are things that we've asked for and so we're really excited when they're introduced. Being able to interface on the dev level with the people that are actually building the product and the ones who have actually written the API and the integration is just really huge. So we found a ton of flexibility. And we're excited to continue to work to build out the agent API as well with Rapid7.