Responding to Cloud-Based Security Incidents with InsightConnect: AWS Security Hub


This is the third in a three-part series discussing common threats, key data sources, and how the Rapid7 portfolio can help you secure cloud environments. Be sure to check out Part 1, “Securing Your Cloud Environments with InsightIDR, Part 1: Microsoft Azure” and Part 2, "Securing Your Cloud Environments with InsightIDR, Part 2: Amazon Web Services (AWS)."


As companies continue to move more of their infrastructure and software into the cloud, their security teams are tasked with a new set of challenges. With a growing threat surface, they now need visibility into disparate environments, the ability to detect attacks and anomalous behavior, and the means to ultimately respond.


In this post, we’ll show you firsthand how security orchestration and automation (SOAR) helps teams accelerate their response to cloud-based threats.


Accelerating the investigation of compromised credentials with SOAR


One of the most common attacks targeting cloud environments is compromised credentials. As an organization, you may be seeing a multitude of events that could indicate compromised credentials, but each of these events requires varying levels of triage and investigation before you can ultimately respond to them. Combine that work with everything else your team is balancing, and it’s easy to see how these types of incidents fall through the cracks.


To illustrate how SOAR can accelerate your team’s response time to this kind of attack, we’ll look at an automated workflow that leverages the new integration between Rapid7’s security orchestration and automation (SOAR) solution, InsightConnect and