Browse Rapid7 Reviews

Gartner defines adversarial exposure validation (AEV) as technologies that deliver consistent, continuous and automated evidence of the feasibility of an attack. These technologies confirm how potential attack techniques would successfully exploit an organization and circumvent prevention and detection security controls. They achieve this by performing attack scenarios and modeling or measuring the outcome to prove the existence and exploitability of exposures. AEV is generally delivered as a SaaS solution with or without on-premises agents. AEV technologies provide automated execution of both simplified and/or extensible attack scenarios. Results data from an executed attack scenario is used for various outcomes, such as: validating a theoretical exposure as real, automating frequent controls testing, improving preventive security posture or improving detection and response capabilities.

• Metasploit
  4.3

  94 Reviews
• Vector Command
  5.0

  1 Review

Gartner defines the application security testing (AST) market as consisting of providers of products that enable organizations to assess applications for the presence and management of risk. These products identify risk by evaluating source code, performing runtime tests and inspecting supply chain components. AST products can be integrated throughout development workflows for continuous assessment or be used to perform ad hoc evaluations. They enable organizations to manage application risks by providing an integrated set of capabilities for risk identification, prioritization and triage, policy evaluation and enforcement, and remediation assistance. Market offerings are available in on-premises, SaaS and hybrid delivery models. Organizations leverage AST products to assess applications for the presence of security vulnerabilities and other risks (e.g., legal and operational) throughout their life cycle. These assessments are used to measure and manage the risks within individual applications, application components or groups of applications in the context of their business criticality and other key attributes (e.g., environment, sensitive data handling, etc.). AST products further enable organizations to evaluate software for compliance with internal policies as well as regulatory requirements established by governments or authoritative industry groups.

• AppSpider Enterprise (Legacy)
  4.0

  2 Reviews

Cloud security posture management tools help in the identification and remediation of risks across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). These tools continuously assess the security posture across multi-cloud environments by maintaining a current inventory of the cloud assets for proactive analysis and risk assessment to detect any misconfigurations. Once these misconfigurations are identified, security controls are developed and implemented. CSPM solutions also integrate with DevOps tools, streamlining the incident response process and ensuring continuous compliance with regulatory requirements and security frameworks by providing visibility of the cloud environment’s security posture.

• InsightCloudSec
  4.7

  12 Reviews

Cyber asset attack surface management (CAASM) is focused on enabling security teams to overcome asset visibility and exposure challenges. It enables organizations to see all assets (internal and external), primarily through API integrations with existing tools, query consolidated data, identify the scope of vulnerabilities and gaps in security controls. These tools then continuously monitor and analyze detected vulnerabilities to drill down the most critical threats to the business and prioritize necessary remediation and mitigation actions for improved cyber security.

• Surface Command
  4.4

  22 Reviews

Exposure assessment platforms (EAPs) continuously identify and prioritize exposures, such as vulnerabilities and misconfigurations, across a broad range of asset classes. They natively deliver or integrate with discovery capabilities, such as assessment tools, that enumerate exposures, like vulnerabilities and configuration issues, to increase visibility. EAPs use techniques like threat intelligence (TI) to analyze an organization’s attack surfaces and weaknesses, and prioritize treatment efforts for high-risk exposures by incorporating threat landscape, business and existing security control context. Through prioritized visualizations and treatment recommendations, EAPs help provide direction for mobilization, identifying the various teams involved in mitigation and remediation. EAPs are primarily delivered as self-hosted software or as a cloud service, and may use agents for exposure information collection.

• Exposure Command
  5.0

  2 Reviews

IT Security refers to products and services that protect digital systems and data from cyber threats and unauthorized access. This category includes markets that focus on network security, identity management, data protection, and cloud security, enabling organizations to reduce risk, ensure compliance, and operate securely in a digital world.

• Rapid7 Managed AppSec
  4.2

  2 Reviews
• InsightAppSec
  4.3

  215 Reviews

Gartner defines the insider risk management (IRM) market as solutions that use advanced analytics, monitoring, and behavior-based risk models to detect, analyze and mitigate risks posed by trusted insiders within an organization. These solutions monitor the activities of employees, service partners and key suppliers to ensure their behavior aligns with corporate policies and risk tolerance levels. IRM platforms can be delivered as cloud-based services or on-premises solutions, or in hybrid forms. When effectively implemented alongside proper governance, they provide comprehensive visibility, real-time detection, and proactive intervention to safeguard against data theft, fraud and other malicious or unintentional insider threat activities.

• InsightIDR
  4.3

  37 Reviews

Gartner defines managed detection and response (MDR) services as those that provide customers with remotely delivered security operations center (SOC) functions. These functions allow organizations to perform rapid detection, analysis, investigation and response through threat disruption and containment. They offer a turnkey experience, using a predefined technology stack that commonly covers endpoints, networks, logs and cloud. Telemetry is analyzed within a provider’s platform using a range of techniques. The MDR provider’s analyst team then performs threat hunting and incident management to deliver recommended actions to their clients. MDR offers outcome-driven security incident management that is predicated on the detection, analysis and investigation of potentially impactful security events and the delivery of active threat disruption and containment actions to respond to and mitigate the impact of cyber breaches.

• Rapid7 Managed Detection and Response Services
  4.5

  315 Reviews

The SACBT market is characterized by vendor offerings that include one or more of the following capabilities: 1. Ready-to-use training and educational content. 2. Employee testing and knowledge checks. 3. Availability in multiple languages, natively or through subtitling or partial translation (in many cases, language support is diverse and localized). 4. Phishing and other social engineering attack simulations. 5. Platform and awareness analytics to help measure the efficacy of the awareness program. Training modules are available as cloud-hosted SaaS applications or on-premises deployments via client-managed learning management systems (LMSs), and also support the Sharable Content Object Reference Model (SCORM) standard, enabling integration with corporate LMSs.

• Rapid7 Security Awareness Training
  4.6

  12 Reviews

Security consulting firms are advisory and consulting services (see 'Definition: Cybersecurity' ) related to information and IT security design, evaluation and recommendations. These services are procured by various stakeholders in an organization, including boards of directors, CEOs, chief risk officers (CROs), chief information security officers (CISOs), chief information officers (CIOs), and other business and IT leaders for the purpose of obtaining and ensuring acceptable risk levels for a specific client organization.

• Rapid7 Global Consulting Services
  3.7

  10 Reviews

Security information and event management (SIEM) is a configurable system of record that collects, aggregates and analyzes security event data from on-premises and cloud environments. SIEM processes security event data for the purposes of threat detection, investigation and response. It natively supports data normalization and offers user-configurable detection content and reporting to orchestrate threat mitigation and satisfy compliance requirements. These solutions are delivered via a SaaS platform or client-hosted on-premises or private cloud. The security information and event management (SIEM) system must assist with: 1. Aggregating and normalizing data from various IT and operational technology (OT) environments. 2. Designing and executing near real-time monitoring and alerting content. 3. Enriching and investigating security events of interest. 4. Supporting manual and automated response actions. 5. Maintaining and reporting on current and historical event data.

• InsightIDR
  4.4

  371 Reviews

Security orchestration, automation and response (SOAR) solutions combine incident response, orchestration and automation, and threat intelligence (TI) management capabilities in a single platform. SOAR tools are also used to document and implement processes (aka playbooks, workflows and processes); support security incident management; and apply machine-based assistance to human security analysts and operators. SOAR solutions must provide: - Highly customizable workflow process management that enables repeatable automated tasks to be turned into playbooks that run in isolation or joined together into more sophisticated workflows. - The ability to store (locally or in a third-party system) incident management data to support SecOps investigations. - Manually instigated and automated triggers that augment human security analyst operators to carry out operational tasks consistently. - A mechanism to collate and better operationalize the use of threat intelligence. - Support for a broad range of existing security technologies that supports improved analyst efficiency and acts as an abstraction layer between the desired outcomes and the custom-made set of solutions in place in your environment.

• InsightConnect
  4.0

  17 Reviews

VA solutions identify, categorize and prioritize vulnerabilities as well as orchestrate their remediation or mitigation. Their primary focus is vulnerability and security configuration assessments for enterprise risk identification and reduction, and reporting against various compliance standards. VA can be delivered via on-premises, hosted and cloud-based solutions, and it may use appliances and agents. Core capabilities include: - Discovery, identification and reporting on device, OS, software vulnerabilities and configuration against security-related criteria - Establishing a baseline for systems, applications and databases to identify and track changes in state - Reporting options for compliance, control frameworks and multiple roles Standard capabilities include: - Pragmatic remediation prioritization with the ability to correlate vulnerability severity, asset context and threat context that then presents a better picture of true risk for your specific environment - Guidance for remediating and configuring compensating controls - Management of scanner instances, agents and gateways - Direct integration with, or API access to, asset management tools, workflow management tools and patch management tools

• InsightVM
  4.3

  740 Reviews
• Nexpose
  4.7

  9 Reviews