Experity Relies on Rapid7 管理服务 to Scale Security Operations

挑战

The rapid expansion of personnel, 办公室的位置, software 和 services as a result of the merger created unique challenges for the security team. “We’ve got a small team 和 we’re charged with a fairly substantial mission to protect the company from loss events of any kind,卡尔·斯特恩说, 导演 of Information Security. This need for business continuity 和 st和ardization fueled the Experity team’s search for a provider that could help them manage security operations 和 build resilience in their security program. “Which is where Rapid7 managed services comes into play,” explains Stern. “Without Rapid7 managed services we would probably need to triple or quadruple the size of our team just to get the coverage we need.”

解决方案

Experity found its answer in Rapid7, purchasing MDR for incident detection 和 response, 管理AppSec to enhance their application security, 和 InsightVM for vulnerability scanning. 通过活动监测, dynamic application security testing, 和 advanced vulnerability management analytics, Experity can now automatically assess, 理解, 和 respond to risk across the entire IT infrastructure.

“Rapid7’s got the market cornered in terms of managed services,斯特恩说。. “We now lean on MDR to vet alerts 和 tell us if they’re seeing unusual activity from a user. The majority of the time when we get an alert, it’s already h和led by an engineer. I know that if an alert gets to us 和 Rapid7’s MDR team is asking us questions, I’m confident telling my SecOps team to stop what they’re doing 和 address it immediately.

全面解决方案

Stern was tasked with building a security team 和 enhancing the caliber of the security tools at their disposal. “The company had been using a 管理检测 和 响应 (MDR) platform but it became clear to me that while it addressed a need at the time we implemented it, the solution didn’t really roll with all the changes. For example, it only monitored network 和 server activity 和 not endpoint activity. We wanted to be able to monitor desktops 和 laptops because nine times out of ten, that’s where companies get into trouble -- from a user clicking on something they shouldn’t.”

Prior to the merger, most employees were based in one office. So, if Stern saw activity from a user, he knew the user 和 what they should be doing. With Experity’s new scale, the security team needed a platform to vet alerts. “We have so many more employees 和 contractors, so if we see alerts or activity from these users, we don’t know if that’s normal or not,斯特恩解释道. “That’s a pretty unique challenge for us.”

Stern began looking for an MDR 和 vulnerability management solution that could monitor all activity 和 offer a user-friendly 和 actionable dashboard. “I wanted a company that had the right product 和 provided a managed service, because at the time it was just me 和 there was no way one person could monitor traffic 24 hours-a-day. And I wanted to be able to come in in the morning 和 look at a single pane of glass 和 see what had happened over the previous 24 hours 和 if there was anything I should be concerned about.”

Meeting Regulatory Compliance St和ards

These advanced security capabilities have proven helpful for identifying 和 squashing malicious behavior 和 ensuring compliance with regulations such as HIPAA 和 HITRUST. “在我们的一个解决方案中, all user accounts are now managed in Active 导演y, 和 all of a sudden we were seeing thous和s 和 thous和s of users that were clients. Rapid7 is extremely helpful in that regard, alerting us if there is anomalous behavior that has the potential to put a client’s credentials at risk.”

Cutting Through The Application Security Clutter

随着experiity投资组合的增长, Stern looked for a robust solution to provide vulnerability management insights across their web applications which the development teams had been managing. Rapid7的InsightAppSec, the technology behind 管理AppSec, provides all the capabilities they need with the added benefit of offering a managed service. “InsightAppSec has helped us solidify our inventory of web apps. We can see where our apps live, 和 essentially we have a place where we can work without impacting the production environment,斯特恩解释道. “这对我们来说很重要.”

Stern also noted that Rapid7’s 管理AppSec provides validation 和 context that allows his team to focus on what is critical. “If we managed application security tools internally, we’d see hundreds of alerts 和 have to parse through 和 figure out what’s what. 管理AppSec is a lot more manageable than having a static Excel sheet or a PDF of a hundred things to look into.”

Rapid7’s team also meets directly with the Experity developers that are responsible for remediation. “这是巨大的,斯特恩说。, “because it eliminates the ‘lost in translation’ issue, where the findings get communicated to my team. 我的团队会做笔记. My team goes to the developers. 开发者问问题. We try to answer, but we might be getting some of it wrong. 所以我们把这部分删掉了. 那也很棒.”

Rapid7 管理AppSec customers have access to view the underlying InsightAppSec dashboards as part of their service subscription, a popular value-add 和 differentiator for Experity’s security team. “With a lot of other managed services, it’s a black box 和 you only see a portion of what’s going on in your environment,斯特恩说. “I like that although Rapid7 is a managed service, we still have full access to a dashboard for greater visibility. Our Rapid7 Security Advisor will also email me to let me know about interesting findings. It’s more of a human connection.”

Gaining The Peace Of Mind To Focus On What’s Next

“With the breadth of responsibility we have, there are so many things we need to be doing beyond just looking at environmental alerts,斯特恩说. “Knowing that we have a 24-hour MDR SOC doing that for us is great. I’m finally able to focus on the big picture 和 plan the direction of our program instead of getting bogged down in the minutia of each alert. My team can focus more of our energy on our operations project work, 以及政策和审计工作, 这是一只熊, especially when you’re talking about things like HITRUST certifications. We’ve made a lot of progress in maturing our policy 和 audit program thanks to an incredible team,和 part of that success is due to our partnership with Rapid7.”

A 合作伙伴hip Built For The Future

The relationship with Rapid7 has given Experity’s security team greater confidence in their ability to scale as the company expands. “One of the things I love about Rapid7 is that they’re constantly evolving 和 improving their products, just like Experity continues to grow 和 be the market leader in urgent care EMR,斯特恩说. “在Experity, one of our core values is “Team First”, 和 I’m fortunate to work with an extraordinary team, 和 Rapid7 is an extension of that. Rapid7 has been a real partner, staying with us 和 supporting us through this whole process.”