In 2015 Rapid7 introduced the Insight platform, built to reduce the complexity inherent in security analytics. This reality was introduced first to our InsightIDR users, who now had the capabilities of a SIEM, powered by user behavior analytics (UBA) and endpoint detection. Soon we started to roll out new solutions and amplified other products with platform services, which significantly reduce the overall total cost of ownership inherent with on-premise, analytics-driven solutions. Taking advantage of the Insight platform means users can automatically scale their individual use-cases, whether incident detection or vulnerability management, to meet their particular needs.
This same platform now daily processes more than 50 billion events, and monitors millions of assets. With today’s announcement, it is the first platform to unify solutions for vulnerability management, user behavior analytics (UBA), SIEM, IT log analytics, and application security.
Vulnerability Management = VM
Today Rapid7 announces the launch of InsightVM, which builds on Rapid7’s award-winning, vulnerability management solution, Nexpose, now fully leveraging the power of the cloud to provide live answers to security professionals’ most critical questions. InsightVM’s live monitoring gathers continuous data - whether via agents or agentless - so security professionals can see the risk posed by their entire network footprint, including cloud, virtual, and endpoints.
Let’s dive into this more.
InsightVM automatically collects live data across your environment and uses the Insight platform for data analytics and processing to provide:
- Liveboards, our live dashboards that are fully customizeable, update instantly with always fresh data, and can be easily queried to focus on any use case, from sys admins to CISOs, with no need for complex scripting or waiting for data to refresh. New capabilities include cards for tracking remediation progress and accountability.
- Insight Agents, a lightweight endpoint agent that minimizes network usage by taking a baseline at first install and then communicating only changes on a system to the InsightVM console and platform. InsightIDR uses the same agent, so you get a unified solution for monitoring endpoints for new vulnerabilities and attacker behavior. New capabilities include proxy and Linux support.
- Remediation workflows, which let you create and track remediation duties from within InsightVM, and enable IT and Security to work closer together on fixing issues, without miscommunication and back-and-forth meetings. New capabilities include in-product integration with JIRA to automatically create tickets for new projects, and update remediation projects when tickets are closed.
- A new subscription based pricing model, licensed by number of active assets you want to scan. This makes it easier and more cost effective for customers to purchase InsightVM, simplifies scope for deployment, and allows InsightVM to easily grow with your network.
Along with the introduction of InsightVM, we are also helping simplify and bolster Nexpose users. In the past we had several editions of Nexpose, but with this announcement we now have two effective vulnerability management solutions: InsightVM, powered by our cloud platform, and Nexpose, our on-premise solution.
Why? Well, there are a lot of reasons, primarily feedback from our customers over the years that we have been evolving our vulnerability management solution. And, this allows us to have separate product roadmaps for our dedicated on-premise offering and our cloud-powered InsightVM solution, which will make it easier to incorporate future customer feedback and deploy exciting new capabilities in both solutions!
Over the coming weeks, you’ll see numerous blog posts detailing these new capabilities and how they will help our customers save time, better understand their risk, and improve their security posture. If you’d like to learn more, be sure to sign up for our webcast on the 19th, and check out the FAQ.