Rapid7 adds new integrations to enhance its MDR service

Rapid7 has integrated coverage for CrowdStrike Falcon, SentinelOne Singularity Endpoint, and Microsoft Defender for Endpoint into its Managed Detection and Response (MDR) service.

This expansion is aimed at enhancing defence-in-depth with Managed Threat Complete (MTC), Rapid7's MDR solution.

According to a statement by Rapid7, the integration of these third-party endpoint detections into its MDR service allows for "a more comprehensive defence mechanism" across a customer's extended ecosystem.

This new capability utilises the company's extensive expertise to offer a faster and more efficient response to threats.

Craig Adams, Chief Product Officer at Rapid7, commented on this development: "Our leading next-gen SIEM allows Rapid7 to process broad telemetry and was purpose-built to operationalise our SOC expertise to deliver unparalleled clarity for our MDR service. Adding third-party detection support to Managed Threat Complete deepens our visibility across a customer's environment, which in turn helps us respond even more quickly and efficiently to threats."

The MDR service provided by Rapid7 is designed to go beyond just endpoint telemetry. It leverages the next-gen Security Information and Event Management (SIEM) foundation to integrate and correlate diverse telemetry from multiple sources, including endpoints, networks, users, and cloud environments. This broader coverage aims to provide critical context, enabling faster investigations and more effective responses to modern attack surfaces.

The additional endpoint support is part of Rapid7's broader strategy to offer comprehensive attack surface monitoring across multiple domains such as cloud service providers, identity and access management, and network security.

Rapid7's Security Operations Centre (SOC) analysts are now better equipped to serve customers, thanks to the enriched visibility and reduced noise provided by the new capabilities. Enhanced visibility is achieved by covering third-party event sources, thereby eliminating the need for manual normalisation of information across a customer's technical environment. This saves time and reinforces confidence that the complete attack surface is being monitored.

The company also claims that this comprehensive coverage allows for threat detection across all phases of the MITRE ATT&CK framework and modern threat landscape with minimal noise. High efficacy detections are achieved through operationalised threat intelligence and expertise. With broad telemetry and correlation across endpoints, networks, identities, and cloud environments, Rapid7's incident response analysts can respond more accurately and quickly to threats, facilitating their eradication from customers' environments.

The integration of extended ecosystem monitoring with Rapid7's MDR solution allows customers to link the supported tools within their environments for a streamlined process of triage, investigation, and response. This added functionality aims to provide an enhanced security posture for organisations managing modern and complex attack surfaces.

Rapid7's expansion in third-party detection support underscores its commitment to providing more comprehensive and efficient cybersecurity solutions for its global customer base. The new capabilities are intended to fortify the defensive strategies of its customers, enhancing their ability to manage and respond to a range of cyber threats effectively.