Rapid7 is present in 13 markets with 15 products. Rapid7 has 1773 reviews with an overall average rating of 4.4.
Adversarial Exposure Validation
Gartner defines adversarial exposure validation (AEV) as technologies that deliver consistent, continuous and automated evidence of the feasibility of an attack. These technologies confirm how potential attack techniques would successfully exploit an organization and circumvent prevention and detection security controls. They achieve this by performing attack scenarios and modeling or measuring the outcome to prove the existence and exploitability of exposures. AEV is generally delivered as a SaaS solution with or without on-premises agents. AEV technologies provide automated execution of both simplified and/or extensible attack scenarios. Results data from an executed attack scenario is used for various outcomes, such as: validating a theoretical exposure as real, automating frequent controls testing, improving preventive security posture or improving detection and response capabilities.
Rapid7 has 1 product in Adversarial Exposure Validation market
Application Security Testing
Gartner defines the application security testing (AST) market as the buyers and sellers of products and services designed to analyze and test applications for security vulnerabilities. This market is highly dynamic and continues to experience rapid evolution in response to changing application architectures and enabling technologies. AST tools are offered either as software-as-a-service (SaaS)-based subscription offerings, or less often, as on-premises software. Many vendors offer both options.
Rapid7 has 2 products in Application Security Testing market
Cloud Security Posture Management Tools
Cloud security posture management tools help in the identification and remediation of risks across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). These tools continuously assess the security posture across multi-cloud environments by maintaining a current inventory of the cloud assets for proactive analysis and risk assessment to detect any misconfigurations. Once these misconfigurations are identified, security controls are developed and implemented. CSPM solutions also integrate with DevOps tools, streamlining the incident response process and ensuring continuous compliance with regulatory requirements and security frameworks by providing visibility of the cloud environment’s security posture.
Rapid7 has 1 product in Cloud Security Posture Management Tools market
Cyber Asset Attack Surface Management
Cyber asset attack surface management (CAASM) is focused on enabling security teams to overcome asset visibility and exposure challenges. It enables organizations to see all assets (internal and external), primarily through API integrations with existing tools, query consolidated data, identify the scope of vulnerabilities and gaps in security controls. These tools then continuously monitor and analyze detected vulnerabilities to drill down the most critical threats to the business and prioritize necessary remediation and mitigation actions for improved cyber security.
Rapid7 has 1 product in Cyber Asset Attack Surface Management market
Exposure Assessment Platforms
Exposure assessment platforms (EAPs) continuously identify and prioritize exposures, such as vulnerabilities and misconfigurations, across a broad range of asset classes. They natively deliver or integrate with discovery capabilities, such as assessment tools, that enumerate exposures, like vulnerabilities and configuration issues, to increase visibility. EAPs use techniques like threat intelligence (TI) to analyze an organization’s attack surfaces and weaknesses, and prioritize treatment efforts for high-risk exposures by incorporating threat landscape, business and existing security control context. Through prioritized visualizations and treatment recommendations, EAPs help provide direction for mobilization, identifying the various teams involved in mitigation and remediation. EAPs are primarily delivered as self-hosted software or as a cloud service, and may use agents for exposure information collection.
Rapid7 has 1 product in Exposure Assessment Platforms market
Insider Risk Management Solutions
Gartner defines the insider risk management (IRM) market as solutions that use advanced analytics, monitoring, and behavior-based risk models to detect, analyze and mitigate risks posed by trusted insiders within an organization. These solutions monitor the activities of employees, service partners and key suppliers to ensure their behavior aligns with corporate policies and risk tolerance levels. IRM platforms can be delivered as cloud-based services or on-premises solutions, or in hybrid forms. When effectively implemented alongside proper governance, they provide comprehensive visibility, real-time detection, and proactive intervention to safeguard against data theft, fraud and other malicious or unintentional insider threat activities.
Rapid7 has 1 product in Insider Risk Management Solutions market
Managed Detection and Response
Gartner defines managed detection and response (MDR) services as those that provide customers with remotely delivered security operations center (SOC) functions. These functions allow organizations to perform rapid detection, analysis, investigation and response through threat disruption and containment. They offer a turnkey experience, using a predefined technology stack that commonly covers endpoints, networks, logs and cloud. Telemetry is analyzed within a provider’s platform using a range of techniques. The MDR provider’s analyst team then performs threat hunting and incident management to deliver recommended actions to their clients. MDR offers outcome-driven security incident management that is predicated on the detection, analysis and investigation of potentially impactful security events and the delivery of active threat disruption and containment actions to respond to and mitigate the impact of cyber breaches.
Rapid7 has 1 product in Managed Detection and Response market
Security Awareness Computer-Based Training
The SACBT market is characterized by vendor offerings that include one or more of the following capabilities: Ready-to-use training and educational content; Employee testing and knowledge checks; Availability in multiple languages, natively or through subtitling or partial translation (in many cases, language support is diverse and localized); Phishing and other social engineering attack simulations; Platform and awareness analytics to help measure the efficacy of the awareness program. Training modules are available as cloud-hosted SaaS applications or on-premises deployments via client-managed learning management systems (LMSs), and also support the Sharable Content Object Reference Model (SCORM) standard, enabling integration with corporate LMSs.
Rapid7 has 1 product in Security Awareness Computer-Based Training market
Security Consulting Services, Worldwide
Security consulting firms are advisory and consulting services (see 'Definition: Cybersecurity' ) related to information and IT security design, evaluation and recommendations. These services are procured by various stakeholders in an organization, including boards of directors, CEOs, chief risk officers (CROs), chief information security officers (CISOs), chief information officers (CIOs), and other business and IT leaders for the purpose of obtaining and ensuring acceptable risk levels for a specific client organization.
Rapid7 has 1 product in Security Consulting Services, Worldwide market
Security Information and Event Management
SIEM is a configurable security system of record that aggregates and analyzes security event data from on-premises and cloud environments. SIEM assists with response actions to mitigate issues that cause harm to the organization and satisfy compliance and reporting requirements. The security information and event management (SIEM) system must assist with: 1. Aggregating and normalizing data from various IT and operational technology (OT) environments 2. Identifying and investigating security events of interest 3. Supporting manual and automated response actions 4. Maintaining and reporting on current and historical security events
Rapid7 has 1 product in Security Information and Event Management market
Security Orchestration, Automation and Response Solutions (Transitioning to Security Information and Event Management)
Security orchestration, automation and response (SOAR) solutions combine incident response, orchestration and automation, and threat intelligence (TI) management capabilities in a single platform. SOAR tools are also used to document and implement processes (aka playbooks, workflows and processes); support security incident management; and apply machine-based assistance to human security analysts and operators. SOAR solutions must provide: - Highly customizable workflow process management that enables repeatable automated tasks to be turned into playbooks that run in isolation or joined together into more sophisticated workflows. - The ability to store (locally or in a third-party system) incident management data to support SecOps investigations. - Manually instigated and automated triggers that augment human security analyst operators to carry out operational tasks consistently. - A mechanism to collate and better operationalize the use of threat intelligence. - Support for a broad range of existing security technologies that supports improved analyst efficiency and acts as an abstraction layer between the desired outcomes and the custom-made set of solutions in place in your environment.
Rapid7 has 1 product in Security Orchestration, Automation and Response Solutions (Transitioning to Security Information and Event Management) market
Security Solutions - Others
Reviews for 'Security Solutions - Others'
Rapid7 has 1 product in Security Solutions - Others market
Vulnerability Assessment
VA solutions identify, categorize and prioritize vulnerabilities as well as orchestrate their remediation or mitigation. Their primary focus is vulnerability and security configuration assessments for enterprise risk identification and reduction, and reporting against various compliance standards. VA can be delivered via on-premises, hosted and cloud-based solutions, and it may use appliances and agents. Core capabilities include: - Discovery, identification and reporting on device, OS, software vulnerabilities and configuration against security-related criteria - Establishing a baseline for systems, applications and databases to identify and track changes in state - Reporting options for compliance, control frameworks and multiple roles Standard capabilities include: - Pragmatic remediation prioritization with the ability to correlate vulnerability severity, asset context and threat context that then presents a better picture of true risk for your specific environment - Guidance for remediating and configuring compensating controls - Management of scanner instances, agents and gateways - Direct integration with, or API access to, asset management tools, workflow management tools and patch management tools
Rapid7 has 2 products in Vulnerability Assessment market