Rapid7 Brings Peace of Mind and Newfound Time for Lean Teams

Industry

Customer Website

About Acme Brick

Since its founding in 1891, Acme Brick has continually advanced the art and science of brickmaking, making brick an affordable, sustainable, enduring, and beautiful choice for America's homeowners, builders, contractors, institutions, and businesses.

The Challenge

Dusty Zook has been with Acme Brick for seven years. In his earliest days, there was no “security team” – just a single employee. Today, there are just two team members (Zook and an analyst) responsible for the security posture of 1200 workstations and servers as well as 1200 actual active users. Naturally, life can get overwhelming for this team of two. Acme Brick needed a tool that could streamline the day-to-day operations of a very lean team – in fact, Zook called the need for efficiency “critical” from day one.

The Solution

“InsightVM was the only Rapid7 product that we had purchased at first,” recalls Zook, whose team has since brought in InsightIDR, InsightConnect, and Metasploit. “Before we transitioned to InsightIDR, I would spend my entire day on another platform and not look at any other tool because none of our other tools really fed into it. I couldn’t keep up with everything. And, when we looked at trying to streamline and bring everything into one pane of glass, Rapid7 showed us the simplicity of the InsightIDR user interface. I’m telling you, being able to log in and to see all of our other security tools feeding into Rapid7 makes my day-to-day go way faster.”

According to Zook, that efficiency extends to his analyst colleagues as well. “He logs into one tool, and if we see an alert, then we can log into the other tools in one pane of glass. It all feeds into Rapid7, and we’re using it as a simple single pane of glass to make our day go smoother.”

Peace of Mind Away from the 9-to-5

“Vulnerability management is a complex job,” Zook muses, referencing the fact that he has one analyst who is responsible for much more. Zook and his analyst are both happy that Rapid7 allows them to efficiently learn as much as they want about different aspects of their security posture. “InsightVM helps us understand where our weak points are… which workstations or servers are missing critical patches, for example. It helps us find those weak links in the system or in the network. And, the fact that it feeds back into IDR just makes it an even better tool. We could use other vulnerability management tools, but they’re not going to integrate like Rapid7.”

Furthermore, Zook waxes poetic about InsightVM’s ability to find an asset and filter down with ease. “Let’s say I’m going to try to find every workstation that has a specific CVE. With InsightVM, it’s super easy, and it doesn’t take very long. I can export a list within just a few minutes. I don’t have to write a complex query that says, If this, not that, but this. It’s simple. And it’s critical for us that we’re not spending hours to find and investigate assets.”

ICON: A Critical Addition

Zook is also very happy that his organization elected to utilize InsightConnect with InsightIDR in recent years. “There have been instances where we got an alert when access to a user’s account was being attempted in a foreign country – not a country that we would do business in, nor a country that the user was vacationing in,” he explains.

“It was such a critical alert that it was actually sent to our Slack notifications. Because we had InsightConnect set up for Slack notifications, we saw it very quickly,” Zook continues. “Within just a few minutes, we’re able to get the user’s account shut down with password reset and then start the investigation. There was no compromise. It was fixed within ten minutes.”

“How fast does it take for a bad actor to compromise an account, use that account, send thousands of emails, or start leveraging it in a negative way?” he asks rhetorically. “I mean, within minutes, they’re going to cause some damage. We’ve seen it before. But because of ICON, we were notified very quickly. That helped us. It saved us from an incident.”

Standing Out

When asked for a bottom line about Rapid7, Zook barely hesitated to offer a strong endorsement. “It’s a great platform. It’s just one pane of glass. That is the most critical part about all this – you log into one website, one interface, and you see it all. You have access to all the integrations, your tools, and everything else; it’s just impressive. And Rapid7 is constantly evolving and improving, which helps them stand out above other similar vendors.”
