Rapid7 releases Command Platform, unified attack defense and response

Rapid7 launched its Command Platform, a unified threat exposure, detection, and response platform. It allows customers to integrate their critical security data to provide a unified view of vulnerabilities, exposures, and threats from endpoint to cloud to close security gaps and prevent attacks.

Rapid7 also announced the first two solutions on the Command Platform: Exposure Command, which helps organizations detect and prioritize exposures from endpoint to cloud, and Surface Command, which is designed to discover and provide deep visibility into the assets that the security team is responsible for protecting across their internal and external attack surface and is included with Exposure Command.

The Rapid7 Command Platform integrates native cloud and on-prem assessment with data from an organization’s ecosystem of IT, security, and business tools to help them take command of their attack surface and confidently discover, identify, prioritize, and remediate risk. The platform gives security operations teams greater visibility they can trust that was previously unattainable due to cost.

“Rapid7 customers now can have confidence in comprehensive visibility to truly monitor, manage, and measure exposures and threats across the entirety of their ecosystem with full business and environmental context — whether that data comes from Rapid7 or other providers — at an affordable cost,” said Corey Thomas, chairman and chief executive officer, Rapid7. “When you have trust in what’s happening in your environment, you can quickly zero in on the highest risk vulnerabilities and exposures to focus on the most critical assets that need attention.”

Exposure Command and Surface Command are foundational to Rapid7’s new Command Platform. With Exposure Command, organizations can now discover, assess, prioritize and remediate exposures across their attack surface, take action confidently on threats with assistance from veteran security experts, and drive tangible return on their investment and outcomes that make it easy to demonstrate success.

An essential part of Exposure Command, Surface Command is designed to enable organizations to eliminate blind spots and uncover security control gaps, proactively harden their attack surface with more complete context about identities and assets, and accelerate incident response teams with better data and perspectives.

Both solutions are priced at a disruptive all-in value so that security teams can see an immediate return on their investment.

“Exposure Command and Surface Command are truly transformational for security teams,” said Craig Adams, senior vice president and chief product officer, Rapid7. “Not only do they eliminate guessing about what is taking place in your environment or which risk to tackle first, they free up the excessive time and money teams spend on a host of tools, manually piecing together inconsistent and disjointed reports to understand only a portion of their attack surface and security posture.”

With Exposure Command, organizations can:

• Detect and Remediate Vulnerabilities Across a Hybrid Environment: Continuously assess the entire environment for vulnerabilities and prioritize response based on the likelihood and potential impact of an exploit with purpose-built data collection approaches for cloud and on-prem environments.
• Enforce Organizational Standards and Compliance Policies: Track adherence to organizational policies and regulatory standards with more than 50 compliance packs and thousands of security policy checks. Security operations teams can also notify relevant stakeholders and leverage native automation to enforce compliance at scale.
• Shift Cloud Security and Compliance Checks Left, Earlier in the Development Lifecycle: Leverage Infrastructure as Code (IaC) scanning capabilities to implement the same security and compliance checks used in production earlier on in the continuous integration and continuous deployment (CI/CD) pipelines, identifying potential misconfigurations and non-compliant resources before they’re ever provisioned.
• Monitor Effective Access and Permissions Across All Clouds: Continuously track accounts and their effective access across the organization, flagging overly-permissive roles, the potential for privilege escalation, and automatically enforcing least privilege access (LPA) policies at scale.
• Identify Paths for Lateral Movement Across Cloud Environment: Attack path analysis enables teams to visualize the relationships between interconnected cloud resources and uncover the potential for attackers to move laterally across the environment should they gain access to it.

Surface Command includes a library of more than 100 connectors feeding into Rapid7’s unified machine learning-driven correlation engine. Organizations can identify and mitigate exposures and potential threats with a risk-aware and adversary-driven view of their attack surface. This dynamic map of their digital estate from endpoint to cloud provides organizations with a holistic view of their attack surface.

With Surface Command, organizations can:

• Establish and Maintain a Single Source of Truth: Unify and correlate asset inventory and identities across internal tooling and cross-reference findings against regular external scans to understand their attack surface and establish a single source of truth across teams.
• Uncover Assets Lacking Proper Security Controls: Recurring scanning to spot gaps in security coverage where assets are missing controls, such as endpoint security agents and vulnerability scans, and which identities have admin access or are missing multifactor authentication (MFA).
• Drive Accountability Across Teams: Understand asset ownership and drive accountability when compliance standards aren’t met, providing clarity around which stakeholders to engage when remediation actions are required for security and governance, risk, and compliance (GRC) teams.
• Provide Full Context to Incident Responders: Security analysts can more effectively prioritize ongoing threats by having asset, vulnerability, and security control context in one place to make decisions. They can also enable organization-wide threat hunts based on known asset information and tactics, techniques, and procedures (TTPs).
• Detect Shadow IT and Ungoverned Use of IT Resources: Identify unknown users and assets connected to the network with necessary context to understand the relative risk and necessary remediation steps.
• Augment Configuration Management Database (CMDB) Tools and Assist with Asset Lifecycle Management: Track technology adoption across the organization and leverage powerful native querying capabilities to gain deep insight, including if assets are still active, who owns them, and when they were last updated or modified.