Since 1833, Chemung Canal Trust Company has provided uninterrupted, progressive financial and credit services to south central New York State. Just two years earlier, the first steam-propelled locomotive made its initial trip from Albany to Schenectady; stage coach lines were still big business; the Chemung Canal had just opened; and the Erie Railroad was still a dream. The company's mission is to remain a strong and independent financial services organization creating value for shareholders, customers, employees, and the communities in which they do business, while maintaining the highest standards of business ethics.


Christopher Conklin is the Chief Information Security Officer at the Chemung Canal Trust Company (CCTC) in Elmira, New York, where he oversees the work of two information security analysts. They signed with Rapid7 over a year ago after deciding they needed more visibility into their information architecture to best fulfill their core mission. Rapid7’s InsightVM and InsightIDR have empowered them to do so efficiently, quickly, and easily.


Right after they signed with Rapid7’s InsightIDR platform, CCTC was able to quickly establish a baseline of known activity and highlight any anomalies, such as failed authentication attempts and potential lateral movement. “It was very easy for us to create custom alerting for activity we felt important to monitor like account deletions, nslookup commands, and inactivity on specific log sources,” he recalled.

According to Conklin, the built-in detection rules Rapid7 provides are amazing, but his team was particularly pleased that they were able to create specific rules tailored to their organization. “The logging functionality is very, very robust,” he explained. “It really helps give visibility into risk from a single pane of glass that we might otherwise miss.”

“We looked at a few other security tools, but we felt they were not as good as what Rapid7 could offer,” Conklin revealed. “We had a vendor selection process where we vetted Rapid7 against other competitors. But Rapid7 came out well above and beyond its competitors due to its ease of use and the scope of the visibility with regard to strengths and weaknesses. The implementation time was very, very short. We were up and running within a few hours.”

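Conklin did not hesitate to dig into specific examples, focusing on their weaknesses. “We thought we had a pretty good handle on our vulnerabilities. But InsightVM’s scanning agents showed us existing vulnerabilities that we had to address,” he recounted. “From a day-to-day perspective, when we go in, everything is seamless and works well together. If we’re looking at a vulnerability, we can see how it relates to a detection. If we’re looking at a detection, we can see how it relates to a vulnerability. That helps us prioritize issues before we address them. It means we can accurately plan our course each day.”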


Another benefit of Rapid7 for CCTC has been greater trust in their findings, knowledge, and conclusions. “In most complex organizations, there’s not always a particular person or a group that knows everything,” Conklin mused. “But we were able to leverage our investment in Rapid7 to become an authority. We were able to be sure we understood what was going on in our organization and identify some things that were previously unknown.”

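According to Conklin, Rapid7 provided credibility and confidence in their observations and findings. “Instead of going around and double-checking all of these different data sources (authentication sources, netflow information, endpoint activity) and wondering how they align with each other, Rapid7 provides a more comprehensive, clear depiction of what is happening in our environment. We trust that depiction,” he explained.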


InsightVM has saved CCTC several hours a month when it comes to patching. “The product helps highlight what your true pain points are versus what you think your pain points are, so we can save a lot of time,” Conklin shared. One of those time-saving opportunities was Remediation Projects for vulnerabilities that posed the highest security risk to CCTC. Once created, these projects help IT teams target specific patching measures and maximize the return on their patching efforts.

“Rapid7 also has a host of dedicated and well-experienced professionals just a phone call away, so if you don’t really understand it or you’re confused by which metrics you should really go after, you can consult them and they will help you build your program,” he advised. “So that’s something we did early on. We asked for their input: look, we think we have a good understanding of what we should be tracking for metrics and what we might expect to reduce, but what’s your perspective? They were very, very helpful.”


When asked about his favorite Rapid7 feature, Conklin identified the platform’s willingness and ability to improve its detection rules. “When new threats come out – and they’re always coming out – we typically have the same concerns. What is our response time? How quickly can we scan for them? If it’s in our environment, how quickly will the detection rules be updated?”

Fortunately, Rapid7 updates detection rules and scanning agents frequently. Conklin is even able to review them on weekly calls with his customer service team – and he is impressed at how quickly those are updated. “It provides a lot of leverage. Maybe somebody on our executive team is reading an article and they see a topic. They often reach out to us, and we are already well positioned, thanks to Rapid7, to address those issues,” he said with a smile.


Conklin’s biggest concern when looking for a cybersecurity platform was that, after purchasing the product, his team would be left on their own. But he quickly realized he had no need to worry about that. “In my 25-year career in technology, I’ve never found a group of people that were as dedicated to an organization’s success as Rapid7,” he said enthusiastically, even referring to his customer service advisor as an extended member of his team.

“Everyone at Rapid7 is very quick to offer help. They are always reaching out to us and staying in touch. It’s not a set-it-and-forget-it mentality; there’s a constant synergistic dialogue,” he described. “They are very, very committed to helping organizations succeed. The technology and the processes and detection rules and all that, they’re great. But really it’s the staff that make it such a value-add proposition for organizations like ours.”

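“A few years ago, I even called the Rapid7 SOC on Christmas morning,” he recalled, laughing as he shared a final anecdote. “We were not seeing routine detections that we would normally expect to see, so I was a little concerned. It was a legitimate concern. I called them around 6 a.m. I thought I would have to wait a few hours for someone to call me back, but I got a call back in less than five minutes. They were very pleasant, helpful, and informative. We spent a few hours going through everything. The person knew I wasn’t happy with what I was seeing. And I’ve tried that with other organizations and it has just not gone well. It never felt like Rapid7 was trying to end the call.”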

