Rapid7 Acquires IntSights to Gain External Threat Intelligence

Rapid7, Inc. this week announced it has acquired IntSights Cyber Intelligence Ltd. for $335 million as part of an effort to provide more visibility into potential external threats as they unfold on the dark web.

Richard Perkett, vice president of detection and response for Rapid7, said IntSights expands Rapid7’s detection capabilities portfolio to include automatic collection of external threat intelligence that otherwise would require a small army of security analysts to collect.

Organizations of all sizes are now keenly interested in not only the types of attacks cybercriminals are crafting and what credentials they may have compromised but also who they plan to target, added Perkett.

Rapid7 plans to integrate the IntSights external threat intelligence capabilities within the Rapid7 extended detection and response (XDR) platform that already collects threat intelligence from a wide variety of sources to forewarn organizations about potential threats. The goal is to extend the reach and scope of the threat intelligence provided within that XDR platform, said Perkett.

Lately, Rapid7 has been on an acquisition streak. Most recently, the company launched an InsightCloudSec platform that combines the cloud security posture management (CSPM) platform it gained with the acquisition of DivvyCloud last year and the Kubernetes security platform it gained with the acquisition of Alcide earlier this year. The InsightCloudSec platform provides unified visibility and context across multi-cloud environments that enable cybersecurity teams to analyze, prioritize and remediate issues as they arise. There are also infrastructure-as-code (IaC) templates to identify risk early in the CI/CD pipeline and tools for automating workflows. Via the Rapid7 InsightCloudSec platform, cybersecurity teams will be able to secure everything from traditional virtual machines to containers and serverless computing frameworks.

As cybersecurity becomes more complex and challenging to maintain, organizations are looking to centralize the management of security platforms, in part to become more efficient and ultimately reduce the total cost of cybersecurity. The challenge is achieving that goal without impacting the organization’s ability to thwart threats at a time when the number of attacks being launched by cybercriminals are increasing in both volume and sophistication.

The chronic shortage of skilled cybersecurity professionals has also made the need for better intelligence widely apparent. IT security teams need to be able to conduct counter cyber espionage initiatives to make sure their organizations can combat new and emerging threats before they are ever launched. That’s impossible to achieve, however, unless they have some insight into what their adversaries are planning.

As is the case with all battles, to be forewarned is to be forearmed. The good news is it’s becoming easier to collect security intelligence. The challenge is making that intelligence actionable without paralyzing the business. There is, after all, no such thing as perfect security, but the risks of any given threat to business can always be minimized.

Featured eBook
The State of Cloud Native Security 2020

The State of Cloud Native Security 2020

The first annual State of Cloud Native Security report examines the practices, tools and technologies innovative companies are using to manage cloud environments and drive cloud native development. Based on a survey of 3,000 cloud architecture, InfoSec and DevOps professionals across five countries, the report surfaces insights from a proprietary set of well-analyzed data. This … Read More