Expanding the Security Horizon: Introducing Rapid7 MDR for the Extended Ecosystem

Last updated at Tue, 24 Sep 2024 19:32:54 GMT

As the cybersecurity landscape gets more complex, the stakes for keeping organizations safe have never been higher. Security teams are tasked with keeping ahead of new ransomware groups, rapidly evolving adversary tactics, and their dynamic attack surface as their business grows. Security organizations' scope of responsibility has swelled as their tech ecosystem has sprawled, with the average team now managing 45 security tools in their environment.

Managed detection and response (MDR) services can be a life raft for many teams looking to extend their team with expert support and 24x7 coverage. But traditional MDR needs to evolve to accommodate the widening attack surface and security scope.

Our Rapid7 MDR service has always been built on InsightIDR, our native SIEM and XDR technology, operationalizing telemetry across the customer environment —endpoint, cloud, identity, and network. This multi-layered approach is critical in today’s environment, where advanced threats require rapid identification and response across the entire ecosystem.

Introducing: MDR for the extended ecosystem

We are proud to announce the launch of Rapid7 MDR for the extended ecosystem, extending our MDR service to triage, investigate, and respond to alerts from third-party tools already in use within your organization. These investments will extend Rapid7’s foundational native telemetry, layering alerts from customers’ third-party point solutions like cloud service providers (CSPs), identity and access management (IAM) platforms, and endpoint protection platforms (EPPs).

This initial release will bring support for major EPPs such as Microsoft Defender for Endpoint, CrowdStrike Falcon, and SentinelOne Singularity, with plans to extend coverage to more third-party tools across cloud, identity, and network in the coming months. By integrating third-party alerts, organizations can now customize their MDR coverage to cover the unique technology environment.

What sets Rapid7 MDR apart: customization, visibility, and Active Response

By extending the Rapid7 SOC’s coverage to include alerts from third parties, we’re bringing comprehensive, robust coverage to our customers through:

• Customization: Integrate your existing tools with Rapid7’s native telemetry to create a customized service that matches your specific environment, tailoring your MDR service to your environment, layering alert data to speed up investigations across multiple layers of your ecosystem​.
• Visibility: By synthesizing data from both native and third-party telemetry, we’re bringing complete visibility across endpoints, cloud, identity, and network layers. This eliminates blind spots, helping you detect and respond to abnormal and malicious activity across your entire attack surface​.
• Response: By extending the MDR service to detect, triage, and investigate third party event sources, the Rapid7 SOC has more context and information to respond to and contain malicious behavior before it can cause harm to your environment, business, and brand.

“We have been using Rapid7 MDR for our organization's cyber security needs, and I must say, it has been a game-changer. From the moment we implemented the service, we experienced a significant improvement in our overall security posture and threat detection capabilities.”

Gartner Peer Review, 2024

The best is yet to come

As we extend our MDR service, we’re excited to partner with you as the command center for your security teams. This extended delivery model brings our MDR and Managed Threat Complete customers the ability to utilize the Rapid7 SOC to triage, investigate, and respond to events happening across supported providers in their wider ecosystem, helping them command their attack surface.

If you’re a Rapid7 MDR customer, reach out to your account team to learn more about our extended coverage. If you’re not a Managed Threat Complete customer yet, request a demo.