TALKING
‘‘ business
cCan you tell us about Rapid7 ’ s evolution and its offerings ?
The heart of Rapid7 ’ s evolution has been down to the vision of our executive leaders – our CEO , Corey E . Thomas , and our Chief Innovation Officer , Lee Weiner . They ’ ve really had a clear vision on how to build great security products and offerings for the market .
We also have a very good culture , with core values around ‘ never being done ’ and ‘ impacting together ’. That has resonated and helped us to evolve and make sure we ’ re relevant to customer needs or requirements .
A key part of us evolving and understanding what customers need is down to our global research and threat intelligence team . We have a couple of key projects , one of which is around global Internet scanning and honeypot networks . That gives a good understanding of risk and exposure with external assets and how attackers are trying to breach networks .
We also have Metasploit – the number one offensive security penetration testing tool . With that , we have more than 300,000 contributors busy providing exploits and helping us to understand attacks .
All of that global research and threat intelligence goes a long way to help build really good products . We ’ ve organically done some of this through R & D , but we ’ ve also done it through key acquisitions in log management , cloud or container security and application security over the past six years .
That ’ s really culminated into having a security operations platform which we call Rapid7 Insight that essentially gives a customer the capability to address vulnerability risk management and application security , same-day detection and response , coupled with cloud security and automation of security processes .
Within that platform , Rapid7 have multiple leading technologies which are recognised by and validated by third party analysts .
How has cloud revolutionised security operations for organisations and what are some of the threats that have been introduced through cloud adoption ?
In terms of cloud security there are many benefits , one of which is centralised security . Just as cloud computing centralises applications and data , cloud security centralises protection . It also reduces the cost of cloud storage and eliminates the need to invest in dedicated hardware .
In terms of improving cloud security , there is a ‘ shift left ’ approach which essentially means shifting security early in development of the lifecycle so you catch any misconfigurations before they go live , reducing the noise and being able to prioritise and act more efficiently with a unified view of data risk and automated workflow so you can set your own conditions and automate the actions your teams need to identify , assess and remediate threats in real time .
We ’ ve also got the unique capability within our cloud security solution offering to provide a single , unified view of cloud assets across multiple public clouds . That really makes it easier to manage and apply security policies consistently and our relationship with AWS to host and integrate the Rapid7 and Insight platform gives our customers the reach and complements what they currently have in usage with AWS .
Can you talk us through some of the key challenges that your customers are grappling with right now ?
I think one of the key challenges is leveraging or migrating to cloud , however each customer is on their own journey in terms of reducing their security achievement gap . At Rapid7 , we ’ re trying to meet customers where they are and address their challenges head on .
What I ’ ve experienced with customers on the ground over in the Middle East and in Africa is that sometimes they are very concerned because of their workload and operational silos within their organisation and teams . There are also limited resources , and I think we all understand the shortage of security talent in our industry .
Nasar Saddiq , Senior Regional Manager , Middle East and Africa , Rapid7
A key part of us evolving and understanding what customers need is down to our global research and threat intelligence team .
www . intelligentcio . com INTELLIGENTCIO MIDDLE EAST 37