Rapid7 Introduces “Active Response” for End-to-End Detection and Response

We know your cybersecurity team is facing unprecedented challenges, including new and complex attacks that exploit your remote workforce and deliver malicious payloads (which, despite your best defenses, can bypass proactive security controls).


Managed Detection and Response (MDR) providers offer additional resources and expertise, taking on the brunt of security operations and giving you an advantage in the fight to protect your organization. Many providers focus on creating best-of-breed detections to spot known and unknown threats.


But when it comes to the “Response” element, not all methods are created equal.


For example, consider fighting a fire. To put out a small fire, you could respond using a fire extinguisher. But that same response method would be useless to stop a wildfire from spreading; you’d need a strategy to suppress the blaze using a control line and air support.


The same goes for your detection and response plan. Focusing response only on the endpoints to halt the propagation of malicious activity across user devices is like using a garden hose to respond to a multi-alarm fire. It might slow the flames, but it will rarely put them out.


Too often, MDR providers will recommend actions and strategies that index on containing a single element of the threat but not responding to the actual attack. In fact, our MDR team’s Findings Reports showed that 96% of incidents included end user compromise, with three out of every four incidents involving compromised user credentials. So, an effective response must use a strategy to cut an attacker ..