Providing top of the line security for unmatched services: Rapid7

The Silicon Review

/thesiliconreview-corey-e-thomas-ceo-rapid7-19

The internet dominates almost every aspect of our life. We depend on it to pay our utility bills, make bank transactions, book movie tickets, store sensitive information on the cloud, and so on. Such a scenario dictates the need for comprehensive cybersecurity measures to ensure that sensitive customer data is not stolen or corrupted. Rapid7 is one of the world’s leading cybersecurity providers.

Rapid7 powers the practice of SecOps by delivering shared visibility, analytics, and automation that unites security, IT, and DevOps teams. The Rapid7 Insight platform empowers these teams to jointly manage and reduce risk, detect and contain attackers, and analyze and optimize operations. Rapid7 technology, services, and research drive vulnerability management, application security, incident detection and response (SIEM), orchestration and automation, and log management for more than 7,100 organizations across more than 120 countries, including 55% of the Fortune 100.

The Rapid7 Insight cloud collects data from across a client’s environment, making it easy for teams to manage vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate operations. Through automation and orchestration, organizations can free up team members to focus on strategic priorities with the confidence to know that things are running smoothly in the background. Rapid7 works together to make sure that its clients are getting the right security outcomes based on their business goals.

Let’s have a look at some of rapid7’s services

Advisory Services

If your company’s teams are overwhelmed, understaffed, unprotected, then Rapid7 won’t even ask when you last assessed your security program. It already has a pretty good guess. But don’t sweat it—many security teams can’t free up the time and resources to analyze their programs, or uncover the insight they need to improve it. That’s where Rapid7 comes in. Rapid7 Advisory Services can help clients not only get unstuck but move with purpose. The company’s Advisory Services were designed with industry realities in mind, built to help clients prioritize their security initiatives, align them with business models, and get it all done yesterday.

Rapid7’s Cybersecurity Maturity Assessment utilizes cybersecurity best practices and recognized cyber-frameworks to answer these questions surrounding a company’s existing security program. While the Cybersecurity Maturity Assessment is particularly valuable to medium and large businesses, organizations of any size can benefit from it.

The goal of the Cybersecurity Maturity Assessment is to provide a view of a company’s current security posture, an objective review of existing plans, and a guide to strategic planning. It will also help an organization develop tactical and strategic directions to further mature and strengthen security program efforts. Not to be forgotten, aligning security programs with the best practices outlined in the assessment better positions Rapid7’s clients to meet (and exceed) industry compliance standards.

Penetration Testing Services

In security as in life, one’s own weaknesses are the hardest to pinpoint. Fortunately, Rapid7 team of cybersecurity experts would have no problem in thoroughly documenting all of an organization’s security flaws. In fact, it’s what Rapid7 is good at. Knowing your vulnerabilities—and the ways in which attackers could exploit them—is one of the greatest insights you can get in improving your security program. With that in mind, Rapid7’s Penetration Testing Services team will simulate a real-world attack on your networks, applications, devices, and/or people to demonstrate the security level of your key systems and infrastructure and show you what it will take to strengthen it. Much like your mom, we don't highlight your failings because it bothers you—we do it because we care.

The best way to stop attackers is to think and act like one. Which is why, unlike many security firms, Rapid7 doesn’t hire recent grads or people with more experience in IT than security as pen testers. Instead, Rapid7’s team includes good people who know about bad things. Things like ATM hacking, multi-function printer exploitation, automobile keyless entry attacks, endpoint protection bypass techniques, RFID cloning, security alarm system bypass… you get the idea. Those kinds of people are way more than security experts—they’re bonafide hackers.

To stay perpetually one step ahead of attackers—and help others do the same—Rapid7’s testers devote 25% of their time to conducting research and contribute to the security community, publishing articles, presenting at conferences, developing and releasing open source testing tools, and writing popular Metasploit modules. (Bonus: Since Rapid7 owns Metasploit, its pen testers get unparalleled access to the most widely used penetration testing tool in the world.)

Meet the brains behind Rapid7’s success

In addition to being CEO, Corey is also Chairman of the Rapid7 board of directors. In 2018, he was elected to the Cyber Threat Alliance (CTA) board of directors and the Massachusetts Cybersecurity Strategy Council. He also serves on the Blue Cross Blue Shield of Massachusetts board of directors, sitting on its audit and health care quality and affordability committees. Corey has extensive experience leading technology companies to the next stage of growth and innovation. Prior to joining Rapid7, Corey was VP of marketing at Parallels, Inc., a virtualization technology company; group project manager of the Microsoft Server and Tools division, launching the worldwide availability of SQL Server 2005 and steering product planning for Microsoft’s data platform; and a consultant at Deloitte Consulting. Corey received a B.E. in electrical engineering and computer science from Vanderbilt University and an MBA from Harvard Business School.