Getting too many worthless alerts? Rapid7 InsightIDR leverages a rich heritage of behavioral analytics to detect intruder activity across the attack chain, cutting down false positives and days’ worth of work for your security professionals. Our detections stems from a combination of User and Attacker Behavior Analytics, endpoint data, and deception technology.
User Behavior Analytics (UBA) enables your team to more easily determine whether a potential threat is an outside attacker impersonating an employee, or an actual employee who presents some kind of risk, whether through negligence or malice. UBA connects activity on the network to a specific user as opposed to an IP address or asset. It is then compared against a normal baseline of event activity for that user. Attacker Behavior Analytics (ABA) applies Rapid7’s existing experience, research, and practical understanding of attacker behaviors to generate investigative leads based on known attacker tools, tactics, and procedures (TTP). ABA detection methods are constantly updated based on our team’s investigations, and then combined with Rapid7’s research and threat intelligence analysts to extract key behaviors from threats identified in our customer environments.
Explore how InsightIDR offers complete visibility across your environment.Learn More