The pandemic and remote work shattered your perimeter. Your attack surface has changed — and will keep changing.
It’s our mission to help customers strengthen security defenses and stay ahead of evil. As the modern perimeter expands, new (and old) vulnerabilities emerge as open doors for attackers; some can be exploited, and that leads to attacks.
The fact is, most successful attacks are caused by unpatched vulnerabilities, and most can be traced back to human error. So one answer to reducing risk is to patch the vulnerabilities you find with a simple external scan.
Rapid7 has been at the forefront of vulnerability risk management for 20 years — from the days where on-premise Nexpose scanners ruled, to our cloud-based InsightVM solution, to our Managed Vulnerability Management service.
Now, we’re adding a new capability (and report) to connect proactive and reactive security for our MDR Essentials customers. We call it Attack Surface Visibility.
Our goal with Attack Surface Visibility — built exclusively for our MDR Essentials customers — is to help proactively plug the holes that attackers may exploit and, in turn, reduce the number of low-hanging incidents that could be avoided.
The Attack Surface Visibility report breaks down risks in your environment based on Rapid7’s granular Real Risk score. It looks at exploitability, malware exposure, and vulnerability age to give customers the actionable data that prioritizes remediation efforts on the places attackers will focus.
Attack Surface Visibility gives MDR Essentials customers the ability to:
While it does not replace the need for a true vulnerability management program, Attack Surface Visibility offers your team a better level of awareness to detect obvious weak points that attackers may exploit. Even customers running programs with InsightVM — our industry-leading vulnerability risk management solution backed by Gartner and Forrester — are able to see value.
The first time we spun up the scan engine and sent the new report out to a customer, they saw instant value. The scan found almost 20 different remediations needed across their assets scanned, including a few highly concerning risks their MDR Security Advisor prioritized as the first ones to remediate:
In the customer’s words, this was “eye-opening.”
You can see what a sample version of the report looks like here.
Good news! We will be rolling out your first Attack Surface Visibility reports starting in Q4. Your Customer Advisor will reach out to you soon to capture external IP addresses in order to begin the scanning process.
We look forward to helping you continue to build more confidence with your security program!
Rapid7 MDR has service offerings available for customers of any size, security maturity, or industry. Whether you’re looking for your first MDR provider or making an upgrade, we have a service that fits your goals.
Interested in learning about Rapid7 MDR? Let’s connect you with an expert.