
Latest news with #IntelligenceHub

Rapid7 unveils platform to help SOC teams cut through alert noise

Techday NZ

23-04-2025

  • Business
  • Techday NZ


Rapid7 has launched Intelligence Hub, a platform intended to equip security teams with actionable intelligence and contextual insights for improved threat detection and response.

The introduction of Intelligence Hub comes amid increasing challenges faced by security teams, with a recent survey indicating that two-thirds of Security Operations Centre (SOC) analysts have experienced a significant rise in the number of security alerts over the past three years. Additionally, 70% of respondents reported a substantial increase in the number of security tools they are required to use.

Intelligence Hub seeks to address industry issues such as fragmented intelligence platforms, lack of contextual information, and difficulties in prioritising security threats. The platform curates data from multiple sources, including Rapid7's proprietary honeypot network and research, as well as open-source communities. According to the company, a particular focus is placed on verifying low-prevalence, high-impact indicators to reduce the occurrence of false positives.

This curated intelligence is available directly in the Rapid7 Command Platform, which enables analysts to incorporate relevant threat information within their existing workflows. The system aims to help teams prioritise the most significant threats and accelerate remediation activities.

Raj Samani, Chief Scientist at Rapid7, commented: "Security organisations are drowning in noise, making timely responses to threats nearly impossible. Intelligence Hub addresses this challenge by focusing on curated intelligence, providing only the most relevant and verified indicators to enable rapid and effective action."

Intelligence Hub offers features designed to help security teams contextualise threats based on the specific industry sector, geographical location, exposure to vulnerabilities, and the tactics and techniques used by threat actors. The methodology for attributing threats is clearly defined to support targeted mitigation strategies and improved resource allocation.

The platform is structured to integrate with existing security tools, including Rapid7's next-generation Security Information and Event Management (SIEM) solution, InsightIDR. By delivering intelligence within established tools, Rapid7 aims to reduce the need for analysts to switch contexts during investigations, potentially leading to faster and more accurate responses.

The company states that Intelligence Hub prioritises the most relevant threats by analysing active attacker campaigns, sector-specific targeting, and exploitability. The intelligence is curated by Rapid7 Labs researchers, combining honeypot data, open-source information, and internal research. The intention is to present security teams with high-fidelity alerts that are most likely to be actionable.

Monika Soltysik, Senior Research Manager at IDC, highlighted some of the broader challenges in the threat intelligence market: "In IDC's October 2024 survey of U.S. organisations, the top three challenges with threat intelligence solutions were cost (42.2%), false positives and alert fatigue (40.0%), and data quality and reliability (39.7%). Solution providers that are proactively addressing these challenges, like Rapid7, are making it easier for their customers to understand and secure their attack surface."

Rapid7 positions Intelligence Hub as a proactive tool for helping organisations cut through data overload, reduce noise, and ensure that resources are allocated to managing verifiable and relevant security threats.

Rapid7 launches Intelligence Hub to streamline threat response

Techday NZ

23-04-2025

  • Business
  • Techday NZ


Rapid7 has introduced Intelligence Hub, an integrated solution aimed at providing security teams with contextual and actionable threat intelligence for more efficient detection and response.

Intelligence Hub has been developed in response to ongoing issues confronting security operations teams, such as fragmented intelligence platforms, the absence of relevant context, and difficulties in threat prioritisation. According to Rapid7, two-thirds of Security Operations Centre (SOC) analysts in a recent survey reported a significant increase in the volume of security alerts in the last three years. Furthermore, 70% of respondents noted that the number of security tools they use has also markedly increased.

The new Intelligence Hub delivers data that is curated by Rapid7 Labs, incorporating proprietary sources such as the company's honeypot data and exclusive research. Rapid7 states that it rigorously verifies low-prevalence, high-impact threat indicators, reducing the likelihood of false positives. This allows security teams to automate more of their response processes and focus on the most pertinent threats.

The intelligence is delivered directly in the Rapid7 Command Platform, which enables high-fidelity, curated intelligence to be incorporated into the day-to-day workflow of security analysts. This integration is intended to ensure that actionable data is prioritised and can be trusted by those responsible for managing security incidents.

Raj Samani, Chief Scientist at Rapid7, said: "Security organisations are drowning in noise, making timely responses to threats nearly impossible. Intelligence Hub addresses this challenge by focusing on curated intelligence, providing only the most relevant and verified indicators to enable rapid and effective action."

Beyond the core offering of curated intelligence, Intelligence Hub includes contextual details intended to help security teams prioritise threats in light of their sector, geography, and vulnerabilities. The platform also incorporates information regarding threat actors' tactics and techniques, and gives users a clear methodology for attributing potential attacks. Rapid7 reports this will help with targeted remediation and better allocation of resources within security teams.

The company has outlined several key benefits of its Intelligence Hub, including seamless integration with existing workflows. For example, threat intelligence is provided directly within Rapid7's Command Platform tools, such as InsightIDR, to eliminate the need for context-switching and to speed up response times. Intelligence Hub is also designed to surface only the most relevant threats based on current attacker campaigns, the industries targeted, and the exploitability of vulnerabilities.

Additional features include the unification of global threat intelligence curated by Rapid7 Labs researchers from sources such as Rapid7 honeypots, open source communities, and proprietary research. The intelligence is prioritised based on its relevance to individual customers' sectors, geography, and likely vulnerabilities, aiming to support more proactive security postures.

Feedback from industry analysts highlights ongoing challenges with threat intelligence solutions. Monika Soltysik, Senior Research Manager at IDC, said: "In IDC's October 2024 survey of U.S. organisations, the top three challenges with threat intelligence solutions were cost (42.2%), false positives and alert fatigue (40.0%), and data quality and reliability (39.7%)."

"Solution providers that are proactively addressing these challenges, like Rapid7, are making it easier for their customers to understand and secure their attack surface."

With organisations increasingly struggling to manage the rising volume of security alerts and the complexity of multiple tools, Intelligence Hub is expected to support security teams by streamlining the delivery of trusted, relevant, and actionable threat intelligence within their existing operational platforms.
