InsightCloudSec cloud detection and response (CDR) consolidates native and third-party runtime threat detections to allow faster detection and analysis of potential cloud threats. The solution collects cloud events, alerts, and threat intelligence feeds from associated services, such as AWS GuardDuty, and provides frictionless workflow integrations to streamline and accelerate response.
The new unified view not only consolidates all runtime threat detections from various sources, but also provides richer security context by associating the findings with the affected cloud resources and their properties, all in a single place. These seamless integrations also ensure that companies are able to leverage their CSP’s newest security tools and capabilities, as well as keep up with the latest developments in the ever-changing world of cloud infrastructure.
In addition to consolidating third-party threat findings, InsightCloudSec provides native detections for suspicious events in customer cloud environments. These native detection capabilities are based on research from Rapid7 cloud security experts, and detect suspicious events within 90 seconds, including identifying potential threat actor behaviors such as suspicious network activity or a privilege escalation.
Along with providing individual alerts for these detections, admins can now also filter resources to get a view of only those assets that have seen a suspicious event in the last 24 hours. This allows flexibility in how individuals and teams are able to review, investigate, and report on recent threats across their cloud environment.