What’s New in Rapid7 Products & Services: Q2 2024 in Review

• Rapid7 acquires Noetic to deliver comprehensive visibility and command of your attack surface. Noetic is a leading provider of continuous cyber asset inventory, visibility, and management. This acquisition further enhances Rapid7 ability to provide customers with the necessary control to monitor and manage exposures across their entire attack surface - from endpoint to cloud - with confidence.
• Rapid7 continue to enhance Attack Path Analysis in InsightCloudSec. Most recently adding a new visualization that shows all of the various paths to a potentially compromised resource, providing a better understanding of the potential blast radius of an attack. Rapid7 have also added the ability to export Attack Path graphs as a PDF, JPG, PNG, or SVG for easy sharing with additional stakeholders.
• Automatically prioritize the most at-risk resources based on Layered Context. Layered Context provides insight into the riskiest resources running across cloud environments by taking into account a variety of risk signals from vulnerabilities to identity-related risk and public accessibility. This context makes it easier for security teams to effectively and efficiently prioritize cloud risk remediation efforts. Rapid7 recently released the following updates to Layered context: 1 - Automatic prioritization of riskiest resources by taking into account the presence of toxic combinations to assign a relative risk score to all cloud resources. 2 - A new risk tab, located on the Resource Details panel, that details all the risks impacting a resource in one view, transparently and efficiently diagnosing what is risky and why.
• Access agent-based policy assessment results with InsightVM’s Bulk Export API. Agent-based policy assessment is used to conduct configuration assessments of IT assets against widely used industry benchmarks or custom internal policies. Now customers can use the new Bulk Export API to export the policy assessment results data to their business intelligence tools and build custom visualizations and workflows that meet their reporting needs. Additionally, this API allows for efficient request and download of large data sets directly from the Insight Platform, avoiding unnecessary load on the Security Console and giving greater flexibility in handling the high volume of data that policy assessments produce.
• Insight Agent support for ARM-based Windows 11 devices in InsightVM. Take advantage of the ARM processor chip’s great performance and low power requirements while maintaining agent-based visibility and assessment of remote assets within InsightVM. Rapid7 also released enhanced vulnerability coverage for Windows 11 to provide customers with even higher quality, accurate vulnerability content.
• Rapid7 AI Engine extended to include Generative AI, driving improved MDR efficiency. Enhancements to the Rapid7 AI Engine have brought new Generative AI capabilities to the Rapid7 SOC, improving the efficacy and efficiency of our MDR services. These new additions include: *The new SOC Assistant that guides Rapid7 internal SOC and MDR analysts through complex investigations and streamlines response workflows by querying sources like the Rapid7 MDR Handbook, keeping analysts a step ahead. **The ability to automatically generate incident reports once investigations are closed out, streamlining a typically manual and time-intensive process. Every report that is generated by the Rapid7 AI Engine is reviewed and enhanced as needed by Rapid7 SOC teams, making certain every data point is accurate and actionable.
• Stop attacks before they begin with Rapid7’s patented Ransomware Prevention. Rapid7’s patented, preemptive Ransomware Prevention technology focuses on disrupting the evasive behaviors that ransomware and other forms of malware leverage, preventing both known and unknown (zero-day) attacks before they start. Coexisting alongside NGAV, EDR, and EPP solutions, Ransomware Prevention: 1 - Provides an additional layer of protection on the endpoint focused on mitigating the risk associated with ransomware by using proprietary Data Encryption detection and response technology. 2 - Focuses on the inner techniques that malicious and evasive attacks employ and embed in processes (instead of passively looking for patterns and analyzing processes and behaviors on runtime or post-execution), manipulating their logic so that they refrain from execution.
• Monitor Crowdstrike Falcon EDR alerts within InsightIDR for streamlined alert triage. Simplify operations and optimize resource allocation by further integrating third party endpoint detection and response solutions with Rapid7. Managed Detection and Response customers can integrate CrowdStrike Falcon Endpoint with InsightIDR and leverage Rapid7’s highly skilled and experienced MDR SOC to help triage incoming alerts.
• A growing library of actionable detections in InsightIDR. In Q2 2024 Rapid7 added over 750 new detection rules. See them in-product or visit the Detection Library for descriptions and recommendations.

Rapid7 is a leader in vulnerability management and penetration testing solutions.

Receive a personal consultation on Rapid7 solutions from certified Softprom specialists.

Softprom is an official distributor of Rapid7.