Rapid7 Launches Incident Response Services to Help Enterprises Respond Confidently to Advanced Attacks
March 03 2015 - 10:05AM
Business Wire
Rapid7 provides world-class expertise to improve incident
response planning and manage breach investigations
Rapid7, a leading provider of security data and analytics
software and services, today announced the general availability of
Incident Response and Incident Response Program Development
Services to help enterprises improve their preparation and response
to advanced attacks. The newly-launched services empower security
teams to dramatically shorten their time to respond, investigate,
and remediate a breach. Additionally, Rapid7’s Incident Response
Program Development services help teams to optimize their approach
to planning for security incidents. Both service offerings are
driven by industry veterans with more than 15 years of experience
in managing response activities for organizations of all sizes and
industries.
“Security teams face a motivated and nimble attacker and every
team has to prepare for the possibility of a breach,” said Nicholas
J. Percoco, vice president of Strategic Services at Rapid7.
“Rapid7’s Incident Response Services can help organizations prepare
with an appropriate plan, and respond with the help of world-class
industry experts.”
Recent studies have shown that the number of attacks has
increased by 48% since 20131, yet 78% of companies do not have
recently-reviewed security and incident response programs2.
Frequently, organizations discover during attacks that they have
dated investments in technology, an insufficient number of trained
staff, and a response plan which has never been practiced. Further,
managing incident response to ensure that the attackers are removed
and the damage is assessed is also complicated by the maze of
regulatory requirements and breach notification laws. Rapid7’s
Incident Response Program Development and Incident Response
Services offerings help customers to plan and execute a precise,
timely, and accurate response with the benefit of world-class
experts.
The newly created Incident Response division is part of the
Strategic Services organization driven by renowned information
security leader, Nicholas J. Percoco, who previously built and ran
Trustwave’s SpiderLabs. The Incident Response group is led by Wade
Woolwine, a veteran of Mandiant’s Managed Defense business unit,
where his team was responsible for delivering all incident response
activities, performing intelligence management, systems/technology
integration, and research and development on new threat detection
and incident response techniques. Wade also served as a threat
detection and incident response analyst in a number of different
government agencies. The Incident Responders team is led by Mike
Scutt, an expert on Windows forensics, malware analysis, and
incident response.
Incident Response Program Development
Effective response planning can help an organization to be more
proficient at threat detection and increase readiness to respond to
security incidents. Incident Response Program Development starts
with a detailed evaluation of the current state of an
organization’s threat detection and incident response program
against Rapid7’s best practices and understanding of current
attacker methodology. The resulting scorecard provides the
foundation for creating a new incident response plan that includes
guidance on preparation, anomalous behavior detection, incident
management, technical response, and communications plans. To
reinforce the guidance, Rapid7 experts perform threat simulation
sessions where the incident response team works through real breach
scenarios, coordinate technical response activities, identify key
sources of evidence, perform mock communications, and make
recommendations for customers to prioritize cleanup and recovery.
At the end of the engagement, organizations have the foundation for
a sustainable investment across all three critical vectors of
people, processes, and technology to minimize exposure in the event
of a breach.
Incident Response Services
When a security incident occurs, speed is of the essence. Rapid7
Incident Response Services gives customers access to the critical
expertise and technology needed to accelerate incident
investigation and containment. The Rapid7 Incident Response team is
composed of industry-leading experts with an average of 15 years of
experience investigating breaches of all sizes and across many
industries. The teams have extensive experience in network
analysis, forensics, and malware analysis, and are assisted by
Rapid7’s unique technology assets. Rapid7 teams will work with
in-house teams to scope the incident and focus on identifying all
attacker remote access capabilities, restoring prioritized business
processes and systems, and securing all compromised user
accounts.
To complement its world-class Incident Response Services, Rapid7
offers a retainer-based offering to ensure availability of
resources to respond to breaches. Rapid7 goes beyond traditional
retainers by delivering a threat readiness assessment where our
experts evaluate key areas of threat detection and incident
response capabilities and establish breach response processes.
Additionally, Rapid7 offers customers the ability to convert a
portion of their unused pre-purchased hours to drive improvements
in any aspect of their security program.
Rapid7 Incident Response Program Development and Incident
Response Services are available immediately. For more information,
please contact info@rapid7.com.
About Rapid7
Rapid7’s security data and analytics software and services help
organizations reduce the risk of a breach, detect and
investigate attacks, and build effective IT security programs. With
comprehensive real-time data collection, advanced correlation, and
unique insight into attacker techniques, Rapid7 strengthens an
organization’s ability to defend against everything from
opportunistic drive-by attacks to advanced threats. Unlike
traditional vulnerability management and incident detection
technologies, Rapid7 provides visibility, monitoring, and insight
across assets and users from the endpoint to the cloud. Dedicated
to solving the toughest security challenges, we offer unmatched
capabilities to spot intruders leveraging today’s #1 attack vector:
compromised credentials. Rapid7 is trusted by more than 3,500
organizations across 78 countries, including 30% of the Fortune
1000.
1 2015 PWC Global State of Information Security;
http://www.pwc.com/gx/en/consulting-services/information-security-survey/download.jhtml
2 Is Your Company Ready for a Big Data Breach? The Second Annual
Study on Data Breach Preparedness
http://www.experian.com/assets/data-breach/brochures/2014-ponemon-2nd-annual-preparedness.pdf;
78% stat is a combination of “No Set Time for reviewing and
updating the plan” and “We have not reviewed or updated the plan
since it was put in place.”
For Rapid7Natalie Denyse, 617-779-1820Rapid7@shiftcomm.com