Introducing the Rapid7 Command Platform

Welcome back to the Rapid7 Rundown! Find all the latest cybersecurity updates to accelerate your success in the SOC.

The Rapid7 Command Platform

As digital infrastructure continues to evolve from traditional on-prem models to hybrid, distributed teams, and systems, one thing remains the same—the attack surface continues to grow, creating more risk and a wider visibility gap.

With Surface Command and Exposure Command—Rapid7 is closing the visibility gap and giving your team the tools to visualize, prioritize, and remediate risk from endpoint to cloud.

"How can you secure and manage what you cannot see? Our team has heard this over and over again and we made the commitment to build a better way. With the Rapid7 Command Platform, we can now deliver a more comprehensive view of your attack surface, with transparency that you can trust." Corey Thomas , Rapid7 CEO

Surface Command: Comprehensive Visibility You Can Trust and Action

Break down data silos by combining comprehensive external attack surface monitoring with internal asset visibility across hybrid environments to build a dynamic 360° view of your entire attack surface in one place.

• Visualize your entire digital estate along with identities and software to provide an unparalleled, holistic view
• Identify and mitigate exposures and potential threats with a risk-aware and adversary-driven view of your entire attack surface
• Understand how assets are configured so you can quickly identify and address misconfigurations, shadow IT, and compliance issues

➡️ Meet Surface Command

Exposure Command: Detect and Prioritize Exposures from Endpoint to Cloud

Exposure Command extends the power of Surface Command by combining complete attack surface visibility with high-fidelity risk context and insight into your organization's security posture. Aggregating findings from both our native exposure detection capabilities as well as third-party exposure and enrichment sources you’ve already got in place, with Exposure Command you can:

• Zero-in on the exposures and vulnerabilities that attackers have in their sights with the threat-aware risk context needed to prioritize more efficiently and effectively
• Shift from reactive to proactive with a combination of on-prem VM, cloud security, and application testing continuously assessing your attack surface, validating exposures, and providing actionable remediation guidance
• Operationalize your exposure management program more efficiently with native, no-code automation and more than 450+ out-of-the-box integrations with popular security and ITOps tools

➡️ Meet Exposure Command

Ransomware Radar Report

The latest state-of-play in the ransomware space, based on data from our Incident Response and Rapid7 Labs team, and nearly 8,000 publicly-reported ransomware incidents observed from January 2023 through June 2024.

The Ransomware Radar Report offers some startling insights into who ransomware threat actors are and how they’ve been operating in the first half of 2024.

To ensure your organization is well-informed and prepared for the fight against these threat actors, download the report.

Quick Hits from Rapid7

New Cloud Risk Dashboard: Identifying Toxic Combinations to Drive Faster Remediation

Risks identified within a cloud environment compound to represent a real threat of exploitation. Our cloud risk scoring, introduced recently to InsightCloudSec, focuses on these toxic combinations.

Building on our cloud risk scoring, we have introduced a new dashboard to give users a clear view of their cloud risk, driving prioritization and quick remediation of the most critical risks.

Rapid7 Introduces Exposure Command to Eliminate the Security Visibility Gap

Gartner estimates that through 2026, 'unpatchable' attack surfaces will grow from less than 10% to more than half of the enterprise’s total exposure, reducing the effectiveness of traditional vulnerability management programs.

Rapid7 launched two exciting new product offerings designed to unify your attack surface and deliver effective hybrid risk management: Surface Command and Exposure Command.

New Research: The Proliferation of Cellular in IoT

In a new whitepaper co-authored by Rapid7 principal security researcher Deral Heiland and Thermo Fisher Scientific lead product security researcher Carlota Bindner , the authors dive into the recent uptick in the use of cellular communications in IoT-based devices like GPS trackers and medical equipment.

Defending Against APTs: A Learning Exercise with Kimsuky

The latest research paper from Rapid7 Labs examines the tactics of North Korea’s Kimsuky threat group.

It is published to serve as a learning on the evolving capabilities of a highly adept and industrious threat group, and, more importantly, to provide the necessary insights for supporting security teams in the implementation of defensive strategies.

What's popping up on the security landscape?

Rapid7's Emergent Threat Response (ETR) team covers CVEs in real time for the cybersecurity community, and Rapid7 customers can take immediate action with applicable documentation.

🚨 Here are some recent CVEs and threat activity to take note of:

• CVE-2024-37085: VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns. Learn more
• CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery. Learn more
• Malware Campaign Lures Users With Fake W2 Form. Learn more
• Ongoing Social Engineering Campaign Refreshes Payloads. Learn more

📍 Black Hat USA

As #BHUSA shifts into the rearview, we're reflecting on the week and what we learned, and the people the Rapid7 team had a pleasure of meeting while out in Las Vegas.

Rapid7's CMO, Cynthia Bellefeuille Stanton was on-ground at #BHUSA. Check out her post above about the experience! ⤴️

For a more comprehensive overview at what was observed at Black Hat USA, and what key highlights and trends stood out, read this blog post.

See you next time!

Don't forget to subscribe to the Rapid7 Rundown! You can also keep up with the latest at Rapid7 here on LinkedIn, and Twitter/X.