Rapid7 Attacker Behaviour AnalyticsBrings Together Machine Learning and Human Security Expertise

InsightIDR is now the only SIEM providing User Behaviour Analytics, Endpoint Detection and Response, and Attacker Behaviour Analytics 

Rapid7, Inc. (NASDAQ: RPD), powering SecOps through its visibility, analytics and automation cloud, today announced a new capability, Attacker Behaviour Analytics (ABA), in its InsightIDR solution. Attacker Behaviour Analytics are detections that reveal unknown variants of successful attacker techniques, and are continually crafted by Rapid7’s global security analysts and threat intelligence teams. With ABA, InsightIDR customers directly benefit from this stream of intelligence from Rapid7 SOCs, resulting in earlier attack chain detection and faster possible response to evolving attacks.

“In order for a modern SIEM to be trusted as the heart of an incident detection program, it needs to collect and centralize the right data, apply the right analytics, and explain why the output is meaningful,” says Rebekah Brown, Threat Intelligence Leader at Rapid7.  “Technology is a great start, but security still requires a persistent focus on human adversaries. Attacker Behaviour Analytics allows our security analysts and threat intel teams to share what we are seeing on the frontlines automatically with all of our InsightIDR customers. Organisational blue teams don’t just want defence-in-depth, but expect agile detection engineering and guidance around adversary intent, capability, and opportunity. Now that our SOCs can directly contribute to InsightIDR, if we identify a novel attacker technique, we can push out a new detection to be automatically matched against customer data in hours.”

With the addition of ABA, all InsightIDR customers will automatically receive high-fidelity alerts on evolving attacker behaviours built from thousands of incident investigations, including the use of fileless malware, cryptojacking, and spear phishing. When these malicious techniques are identified, alerts highlight notable behaviour from the affected user and asset, making it significantly easier for security teams to respond quickly and with confidence.

Rapid7’s SIEM, InsightIDR, recognizsd as a Visionary in Gartner’s 2017 Magic Quadrant for Security Information and Event Management, is one of the company’s analytic and automation cloud solutions used by teams around the world to power the internal practice of SecOps. InsightIDR provides centralised log management, threat detection rules and correlations, user behavior analytics, machine learning, compliance dashboards, and integrates easily into existing workflows. With the addition of Attacker Behaviour Analytics, InsightIDR is the only SIEM solution that combines machine learning and ongoing human input to surface attacks as early as possible, and provide critical context about both the user and adversary in order to accelerate incident response.


Subscribe to the Global Banking & Finance Review Newsletter for FREE
Get Access to Exclusive Reports to Save Time & Money

By using this form you agree with the storage and handling of your data by this website. We Will Not Spam, Rent, or Sell Your Information.
All emails include an unsubscribe link. You may opt-out at any time. See our privacy policy.

Sign up for a free trial of InsightIDR: https://www.rapid7.com/try/insightidr/