
Rapid7 Leader in Magic Quadrant for SIEM

27 Feb 2020

Rapid7 has been named a Leader in Gartner’s 2020 Magic Quadrant for Security Information and Event Management (SIEM).

The report defines SIEM systems as those that “collect, store, investigate, support mitigation and report on security data for incident response, forensics and regulatory compliance.”

Rapid7’s InsightIDR is the primary technology offering that earned the company its place in the report. However, under Strengths, the report notes that “Rapid7’s portfolio of complementary technologies (e.g., vulnerability management and SOAR) helps organisations address several aspects of security operations, including threat detection and response ... (and) Rapid7 can offer managed services for threat detection and response based on InsightIDR.”

The simplicity of deployment and out-of-the-box applications are also noted as strengths, as is the company’s handling of all patches, platform updates, and detection, response and report content updates.

The cautions in the report all revolve around small but specific issues such as a limited alliance ecosystem and its reliance on AWS. 

“InsightIDR and Rapid7’s corresponding managed detection and response offering are built to reduce complexity and accelerate detection and response in modern environments, helping teams achieve the efficiency and effectiveness required to manage security risk,” says Rapid7 detection and response practice senior vice president Richard Perkett. 

“We believe our position as a Leader in this year’s Gartner Magic Quadrant is a testament to the value and return on investment our customers immediately realise.”

Other Leaders are Splunk, IBM, Exabeam, LogRhythm, Securonix and Dell RSA.

Rapid7 outlines that InsightIDR offers:

  • Ease of deployment – According to Gartner Peer Insights, “88% of InsightIDR customers indicated ease of deployment.”
  • Fast time to value – InsightIDR supports hundreds of data sources and out-of-the-box detections, giving users reliable alerts from day one.
  • Cloud-native – InsightIDR has been hosted in the cloud since day one, making it easier to manage, scale, and update than traditional on-premises offerings.
  • Feature-rich functionality – Rapid7 goes beyond log collection to offer User and Entity Behaviour Analytics (UEBA), Attacker Behaviour Analytics (ABA) curated by its SOC team, visual investigation timelines, file integrity monitoring, endpoint monitoring, deception technology, and more – all in one, easy-to-use solution.
  • Accelerate response – InsightIDR provides high context investigations and automation to eliminate threats quickly and minimise attacker impact.
  • Platform and service offerings – Engage Rapid7’s services team or integrate with other Rapid7 Insight solutions, including vulnerability management, orchestration and automation, and application security.