Security Monitoring (SIEM)
Rapid7 Insight IDR Advanced version
With the Rapid7 Insight IDR Advanced version, you get a central view of the entire enterprise infrastructure by monitoring ongoing events, gathering specific information from all infrastructure elements at all levels (operating system, applications, databases, network elements) and then evaluating them.
Functionality:
- Collection of logs including their storage
- Real-time detection of potential threats with comprehensive in-depth protection
- Monitoring and analysis of user activities (UEBA)
- Attacker Behavior Monitoring and Analysis (ABA)
- File Integrity Monitoring (FIM)
- File Access Monitoring (FAM)
- Endpoint detection and response (EDR)
- Network traffic monitoring for detection of potential intrusions and suspicious activities (NTA)
- Deception technology for building decoys (honeypots) for attackers
- Investigative console for dealing with security events and incidents
- Tool for collecting and evaluating non-standard event sources
Deployment in 5 steps
- Activating the Rapid7 Insight platform
- Installation of components in the customer’s infrastructure (collector, agent, probe)
- Configuring basic event sources (AD, LDAP, DNS, DHCP, Firewall, AV)
- Starting data collection and learning
- Dealing with security incidents
Fulfillment of domains of Act No. 69/2018 Coll. on cybersecurity
- Security in the operation of information systems and networks,
- Protection against malicious code,
- Event recording and monitoring,
- Solving cybersecurity incidents.
Advantage of On Cloud SIEM vs. On Premise SIEM
When implementing Rapid7 Insight IDR Advanced, it is possible to skip 8 out of 9 activities related to the preparation and maintenance of security monitoring, which represents an 80% saving of time and financial resources.
Key benefits
- Strengthening the organisation’s cyber resilience
- Easy to deploy
- Cost savings (infrastructure, software, maintenance, support)
- Intuitive controls that can handle your IT
- Fulfillment of the requirements of the Cybersecurity Act
- Protect your own and cloud infrastructure (Office 365, MS Azure)
Rapid7 Insight IDR Ultimate version
With the cloud-based Rapid7 Insight IDR Ultimate version, you get a central view of the entire enterprise infrastructure by monitoring ongoing events, gathering specific information from all infrastructure elements at all levels (operating system, applications, databases, network elements) and then evaluating them.
Rapid7 Insight IDR Ultimate also includes a system for orchestration and automation of security processes (SOAR) that streamlines and speeds up manual, time-consuming processes. For even greater visibility, the enhanced EET and ENTA functionality is used, through which you collect NetFlow records or analyze process launches in real time.
Functionality:
- Collection of logs including their storage
- Real-time detection of potential threats with comprehensive in-depth protection
- Monitoring and analysis of user activities (UEBA)
- Attacker Behavior Monitoring and Analysis (ABA)
- File Integrity Monitoring (FIM)
- File Access Monitoring (FAM)
- Endpoint detection and response (EDR)
- Advanced monitoring of NetFlow network traffic, including detection of potential intrusions and suspicious activities (ENTA)
- Deception technology for building decoys (honeypots) for attackers
- Investigative console for dealing with security events and incidents
- Tool for collecting and evaluating non-standard event sources
- EET gives you an overview of processes at endpoints
- SOAR for automating SOC activities
Deployment in 5 steps:
- Activating the Rapid7 Insight platform
- Installation of components in the customer’s infrastructure (collector, agent, probe, orchestrator)
- Configuring basic event sources (AD, LDAP, DNS, DHCP, Firewall, AV)
- Starting data collection and learning
- Dealing with security events
Fulfillment of domains of Act No. 69/2018 Coll. on cybersecurity
- Security in the operation of information systems and networks,
- Protection against malicious code,
- Event recording and monitoring,
- Solving cybersecurity incidents.
Advantage of On Cloud SIEM vs. On Premise SIEM
When implementing Rapid7 Insight IDR Ultimate, it is possible to skip 8 out of 9 activities related to the preparation and maintenance of security monitoring, which represents an 80% saving of time and financial resources.
Key benefits
- Strengthening the organisation’s cyber resilience
- Easy to deploy
- Cost savings (infrastructure, software, maintenance, support)
- Intuitive controls that can handle your IT
- Fulfillment of the requirements of the Cybersecurity Act
- Protect your own and cloud infrastructure (Office 365, MS Azure)
- Saving personnel capacities (automation of activities)
- Speeding up the resolution time of security events