Rapid7, Inc. announced the Rapid7 AI Engine used by its global security operations center (SOC) teams now includes new generative artificial intelligence (AI) capabilities, transforming the way the company delivers its leading managed detection and response (MDR) services.
The Rapid7 AI Engine is the foundational analytics engine that underpins the Insight Platform and assists the company’s global SOC team throughout the lifecycle of an attack. It enhances threat detection and alert triage by leveraging a massive and diverse set of risk and threat data to automatically distinguish between malicious and benign alerts. The engine includes a combination of traditional machine learning (ML) and generative AI models, providing a multi-layered approach to validate that new security alerts have been accurately labeled as malicious or benign. This allows Rapid7 analysts to spend more time investigating the security signals that matter to customers instead of sifting through false positives.
Building on a rich tradition of innovation, this enhancement to the Rapid7 AI Engine supercharges the company’s elite SOC experts with instantaneous access to relevant and actionable information for the complex security events that are the focus of today’s security teams. The Rapid7 AI Engine drives higher levels of threat efficacy with faster security event resolution for customers and partners, all while providing insights into best practices that will elevate Rapid7’s SecOps platform.
“For years, we’ve pioneered the application of AI technologies, establishing patented models and incorporating them into our technologies to better and more efficiently solve customer challenges,” said Laura Ellis, vice president, data and AI, Rapid7. “We remain at the forefront with generative AI, enhancing our world-class MDR services, ensuring that we continue to deliver unparalleled results for our customers.”
Rapid7’s AI Engine powers the company’s AI-native SOC assistant so MDR analysts can quickly respond to security threats and proactively mitigate risks on behalf of customers. The SOC assistant utilizes the company’s vast internal knowledge bases to guide analysts through complex investigations and streamline response workflows, keeping SOC analysts a step ahead.
The Rapid7 AI Engine can also accelerate incident response so that customers quickly understand mitigation measures. It automates the first draft of incident reports so that SOC analysts can deliver service more quickly, focusing on reviewing and finalizing the report, providing guidance and then moving on to the next most pressing action for the customer.
“Our AI Engine’s SOC assistant is a powerful tool for our expert teams,” said Jeremiah Dewey, senior vice president, managed services and product delivery, Rapid7. “They are now exponentially more effective, due to the increased efficiency and speed in which they can respond to threats and mitigate risks, a significant advantage for our MDR customers and partners.”
Rapid7 operates its AI engine in-house, and the company’s process for deployment includes releasing AI models to its internal SOC teams to be trained and tested before being released to customers via in-product experiences. This creates a continuous feedback loop between the company’s frontline analysts and AI and data science team. This process ensures that Rapid7’s models can be used to get accurate and actionable information.
Rapid7 possesses an expansive range of event data sources, proprietary security datasets, and emergent threat intelligence that encompass modern environments and attack surfaces. Capturing over 4.8 trillion security events each week, these datasets and telemetry combine to fuel a powerful learning environment for AI models.
Rapid7’s history of incorporating AI approaches into its technology solutions dates back to the use of expert systems in Nexpose, the company’s very first product launched in 2001. Over the years, it has secured numerous patents for innovations in AI and ML, leading to the establishment of its AI Centre of Excellence. Rapid7 has also expanded its security data collection through product features plus key R&D and open source efforts such as Metasploit and Sonar, as well as Velociraptor for internal data collection.
SOURCE: GlobeNewsWire