Rapid7 Shines a Light on the Murky Threat L和scape for Dutch Insurer 阿尔集团

挑战

Security Officer Joost Dubbelman wanted to improve the maturity of the in-house security program as the company embarked on a recent steep growth curve.. He was looking for vulnerability management 和 incident detection offerings to enhance insight 和 to help reduce risk.

解决方案

After running a detailed proof-of-concept program with several providers, Dubbelman最终选择了Rapid7 InsightVM 漏洞管理提供，然后用我们的 InsightIDR 威胁检测和响应工具. 在漏洞管理方面, InsightVM not only provided a more expansive set of scan results than rival options, but it was also a better fit for the flat organizational structure at 阿尔集团.

“InsightVM gives us more insight into the assets we have 和 which vulnerabilities we have at this specific moment,他解释道. “It works in combination with the InsightIDR solution, 和 that's really one of the great things. We can see what's happening in our network 和 who's doing what, which is really positive.”

Dubbelman发现了视觉报告和 现场仪表盘 features in InsightVM particularly useful in providing a clear picture of risk, 审查和接受或让团队进行补救.

在火线上

保险行业是攻击者的热门目标. These organizations represent a treasure trove of their customers’ highly sensitive personal 和 financial information, 使他们成为欺诈者的目标.

Yet many in the industry do not have the visibility they need into the threat l和scape or their own IT infrastructure in order to proactively manage risk. 根据德勤, half (49%) have discovered “significant” cybersecurity incidents in their organization, while 71% believe they would not be able to detect a sophisticated attack. Separate research from Accenture reveals that over two-thirds of insurers (67%) require more than 30 days to remediate a breach.

作为保险供应链的关键一环, Alpina集团了解提高这种可见性的必要性, 带着安全官员约斯特·杜贝尔曼上船. His job is to manage a new security roadmap designed to mitigate risk as the firm leverages cutting-edge technology to drive innovation-led success.

作为这些努力的一部分, Dubbelman wanted to improve the maturity of the in-house security program as the company embarked on a recent steep growth curve. 阿尔集团 & 阿尔集团 expanded its workforce over the past two years from 350 to 550 employees, 需要管理和保护的IT资产数量也在迅速增加. He was looking for vulnerability management 和 incident detection offerings to enhance insight 和 to help reduce risk.

一个关键的要求是高效, 易于部署的解决方案，可以由一个小团队管理. 阿尔集团 incumbent SIEM platform did nothing but create a blind spot for the company after a year-long implementation, 因为这对两个人的安保小组来说太难了.

为什么Rapid7?

After running a detailed proof-of-concept program with several providers, Dubbelman最终选择了Rapid7 InsightVM 漏洞管理提供，然后用我们的 InsightIDR 威胁检测和响应工具. 在漏洞管理方面, InsightVM not only provided a more expansive set of scan results than rival options, but it was also a better fit for the flat organizational structure at 阿尔集团.

“InsightVM gives us more insight into the assets we have 和 which vulnerabilities we have at this specific moment,他解释道. “It works in combination with the InsightIDR solution, 和 that's really one of the great things. We can see what's happening in our network 和 who's doing what, which is really positive.”

Dubbelman发现了视觉报告和 现场仪表盘 features in InsightVM particularly useful in providing a clear picture of risk, 审查和接受或让团队进行补救.

“There are a few graphs that are very useful, especially for my manager 和 risk manager,” he says. “我们有25大漏洞报告, 我们有漏洞例外, 和 we have the trend analysis report 和 they all go to different stakeholders. It's actually evidence for me to say to my manager: ‘This is the problem that we're facing, 这就是我们面临的风险, 我们真的需要为此做点什么.’”

在选择威胁检测解决方案时, the decision was made even easier because Rapid7 和 its Insight Agent was already on board. It took just a day 和 a half to get up-和-running with cloud-hosted InsightIDR versus the year it took to plug in a previous SIEM solution.

“It’s the fact that we already had InsightVM 和 that we could use the same agent for InsightIDR. 当然, 我们调查了所有的可能性, but they always were more expensive or required more attention to get implemented,Dubbelman说.

提高可视性，降低风险

在一起, the tools have helped 阿尔集团 gain a clear view of the threat l和scape 和 where the organization is most exposed, 帮助Dubbelman主动降低风险.

InsightIDR in particular has helped the firm maximize its limited in-house IT security resources whilst spotting potential risky behavior.

“Compared to the [previous] SIEM solution, I think we're saving a lot of time. A traditional SIEM platform would take five or six guys to get the job done,Dubbelman说. “We also have a lot of software developers 和 there were a lot of crazy things on our networks: accounts being used that weren't supposed to be used 和 accounts that were set to 'never expire' or had too many rights. It gave me a really good insight into what's moving from one side to the other in this company.”

Dubbelman also praises the log search functionality in helping generate clear situational awareness to work out what’s going on 和 whether further action needs to be taken.

至于未来, Dubbelman is primarily focused on reducing the large volume of vulnerabilities currently flagged for attention, 以及从传统的Windows服务器迁移出去. 他很想买下阿尔卑斯集团的所有股份 & 阿尔集团的IT资产使用Insight Agent实现最大可见性. Also on the to-do list is the setup of Remediation Projects in InsightVM, 这将帮助团队确定漏洞的优先级. There’s no shortage of extra features for the Dutch insurer can use in the future to further unlock value as its security program matures.