Public sector organisations now able to leverage the power of security data and analytics with Rapid7’s industry-leading, cloud-based products and services through G-Cloud 8 Framework

Rapid7, Inc. (NASDAQ: RPD), a leading provider of security data and analytics solutions, announced today that its cloud delivered security solutions have been added to the Crown Commercial Service (CCS) registry and are now accessible to public sector organisations. Rapid7 solutions accelerate insight into security and IT operations, arming customers with live information around vulnerabilities and user behaviours. The Company focuses on giving IT and security professionals the power to act at the moment of impact to detect, deter, and investigate threats and incidents.

Rob Attree, EMEA director of sales atRapid7 commented on the agreement: “We are thrilled that eight of our products and services have been accepted into the G-Cloud framework, a fully EU compliant system. This arrangement will provide government and public sector bodies with direct access to Rapid7’s leading security and IT products and services to enable them to achieve their cybersecurity goals.”

According to the Information Commissioner’s Office Data Security Incidents Trends, healthcare suffers more data breaches than any other sector in the UK, with 184 breaches reported in the final quarter of 2015 alone. The second most breached sector was local government, which reported 43 breaches in the same quarter. Consequently, security is becoming increasingly high on the IT agenda for UK organisations, particularly the public sector. Rapid7 solutions aim to empower IT and security professionals to protect their organisations by collecting data and transforming it into prioritised and actionable insight. The Company helps organisations to prevent attacks by providing visibility into vulnerabilities, and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks.

Rapid7 now provides a range of SaaS solutions and specialist security services to the UK public sector, including:

• InsightIDR: Leverages attacker analytics to detect intruder activity on-demand, cutting down false positives and days’ worth of work for security professionals. The solution unifies the capabilities of SIEM, EDR, and UBA to detect behaviours that are indicative of compromised credentials, spot lateral movement across assets, uncover malware, and sets traps for intruders.
• Managed Web Application Security: A highly accurate and scalable solution that collects web application data for vulnerability scanning, prioritises what needs to be fixed first, and helps security teams remediate fixes faster without purchasing, installing, and monitoring software. Powered by Rapid7 AppSpider, the service is purpose built to scan all modern apps from Single Page Applications (SPAs) to mobile.
• Managed Vulnerability Management: Live vulnerability monitoring using automated tools to scan identified systems and infrastructure within an organisations’ IT environment with support from a dedicated Managed Service Consultant (“MSC”). The MSC will complete these scanning activities and deliver prioritised insight that makes it easy for IT teams to remediate and reduce risk.
• Managed Detection and Response (Analytic Response): An extension of customers’ internal security team, which provides continuous threat detection by accurately identifying known threats, unknown threats, and intruder movement from the endpoint to the cloud. Rapid7 analysts can also pivot seamlessly into incident response to identify the extent of the breach and provide detailed steps on how to contain it.
• Cyber Security Maturity Assessment: A high-level operational gap analysis/risk assessment targeting approximately 20 critical control areas. The goal of this assessment is to drive measurable improvements over a multi–month timeframe and address both strategic and tactical aspects of improving security, including a prioritised set of security initiatives to be implemented by existing teams.
• CREST-certified Penetration Testing: Network, application, wireless, device, physical, and social engineering engagements that demonstrate the security level of an organisation’s key systems and infrastructure. This simulation of real–world attack vectors documents actual risks posed to companies from the perspective of a motivated attacker.
• Security Awareness Training: Offering of eight training modules, each with a target duration of 8-10 minutes in length with a formal assessment at the end of each module. Topics include: Malware Awareness, Social Engineering, Password Security, Email Security, Physical Security, Mobile Device Security, Phishing Awareness, and Travel Security.

The G-Cloud initiative is designed to help ease procurement with the use of cloud computing for all sections and departments of the UK government and includes a series of framework agreements with a wide range of suppliers. CCS’s vision is to deliver value for the nation through outstanding commercial capability and quality customer service. Its procurement arrangements can be used by central government departments and organisations across the public sector including local government, health, education, not-for-profit and devolved administrations. As such, any public sector group can buy items or services without running a full tender procurement process.

CCS’s commercial procurement solutions are fully EU compliant and provide significant savings for the taxpayer, helping to protect the delivery of front line services. The speed and ease of the procurement of Rapid7 SaaS and specialist service solutions can also provide notable savings for customers in terms of time and money.