Contact us Facebook Linkedin Youtube
News

CyberArk Core Privileged Access Security Solution & InsightIDR Integration

News | 20.06.2019

Whether it be spearphishing or credential theft, preventing every cyber attack is simply impossible. Detecting an attack is nearly as challenging, but early detection is essential to any organization’s security.

Rapid7’s cloud SIEM, InsightIDR, along with the CyberArk Core Privileged Access Security Solution, provides visibility, protection, and automated workflows to help any organization detect and take action against attacks on its users and administrators. The combined solutions also make life easier for the Security Operations Center: Critical alerts and behavior are prioritized by risk and leverage data across your modern network: on-premises, remote workers, SaaS, and IaaS.

 

The time from the attacker’s first action in an event chain to the initial compromise is typically measured in minutes. Conversely, the time to discovery is more likely to be months.

2019 Verizon Data Breach Investigations Report.

How It Works

Rapid7 InsightIDR is deployed as SaaS and centralizes data from your network, endpoints, cloud hosting, and cloud applications. Security analytics and case management helps your team detect and respond to common and targeted threats. The CyberArk Core Privileged Access Security Solution provides continuous insight into privileged activities occurring across the network. Any generated alerts and logs can feed into InsightIDR for search, reporting, and other custom use-cases that are specific to your business needs.

If an admin or employee user account is determined to be compromised, the user account can be disabled or reset from within InsightIDR investigations. Additionally, if a privileged activity generates a risk score above a certain threshold, CyberArk can mitigate risk by automatically - onboarding unmanaged accounts, rotating credentials, or terminating or suspending potentially malicious sessions.

Softprom by ERC - Value Added Distributor of CyberArk and Rapid7. You can get demonstration and consultation about this solution. Send your request now.