Welcome to Managed Services
The mission of Rapid7’s Managed Service is to leverage our experts to collaboratively advance each customer’s cybersecurity decision-making and maturity through our tailored guidance. We pride ourselves on becoming a true extension of our customer’s security team.
Managed Products Overview
Please see the images below from the welcome video which outlines the different managed service offerings. And click here to view the Managed Services GuideBook
Managed Detection & Response
Enhances customers’ ability to detect and respond to live threats with hands-on 24/7 monitoring, threat hunting, and incident response.
Managed Vulnerability Management
Manages customers’ scan operations to provide actionable, tailored recommendations to prioritize risk remediation across the environment and foster a stronger security posture.
Managed Application Security
Managed Application Security (MAS) Customers leverage our app sec experts to gain deep visibility into run-time vulns across their entire web app layer and remediate risk much earlier in the development lifecycle.
Services Overview and the Teams Involved:
Rapid7’s Managed Services consist of multiple teams working together to help you improve your organization’s security posture. You may be assisted by all or some of these teams, depending on the services you have purchased.
Your Customer Advisor (CA) is your main point of contact for Rapid7 Services. You may have one or more assigned CAs depending on the number of organizations and services. This named resource works with you as a strategic security partner through ongoing security consultation to guide your organization’s security maturity, and should be considered an expert in your environment and a knowledgeable strategic resource who can help your organization advance more securely. They are your gateway to the many teams behind the scenes, from the MDR SOC to the Managed Operations teams. Customer Advisors work closely together to discuss best practices so your organization gets the benefit of the collective knowledge of all CAs. Your CA may be located in our LA, Austin, or Alexandria offices in addition to our remote CAs spread throughout the globe. You will work with your CA through Case tickets and have regularly scheduled meetings to provide updates on service delivery, reporting, metrics, technology health, and ensure that we are addressing your security goals. CAs are available during normal business hours by opening up a Customer Portal Case from the Platform. During non-business hours, a member of the CA team is on-call for security emergencies. (you can find this information in the "Contact us" tab).
Customer Success Manager
Your Customer Success Manager (CSM) is assigned to your account for your entire relationship with Rapid7. Your CSM is an internal advocate who ensures your team’s success by facilitating the best use of Rapid7’s solutions and driving resolution on technology-related issues and requirements. They are also your point of contact for adopting new Rapid7 solutions or expanding your solution coverage. Your CSM may be located in Boston or Austin and you will be given a direct line of communication through phone calls, emails, and regularly scheduled check-in meetings.
Throughout your relationship with Rapid7, you may work with the Rapid7 Support team for assistance with product related concerns. Your CA can help you determine whether to leverage the Support team.
ManagedVM & Managed AppSec:
ManagedVM & Managed AppSec
With both ManagedVM and Managed AppSec, not only does the Customer have support from their Customer Advisor, Customer Success Managers and the Support Team, there is another group that helps the CA- the Managed Operations Team.
Managed Operations Team
Rapid7’s Managed Operations team works behind the scenes to ensure that day-to-day operations run as smoothly as possible. The team is engaged right from the beginning of your journey with Rapid7, through standing up your console and making sure all supporting infrastructure is set up and configured correctly. Once you and your Customer Advisor (CA) have agreed upon a scanning cadence, the Managed Operations team will take over the configuration, monitoring, verification, and troubleshooting of these scans. They will also collaborate with your CA to help set up detailed and understandable reports, providing insight into vulnerabilities and remediation advice to help you securely advance. The Managed Operations teams are located in our Belfast and Arlington Security Operations Centers (SOCs).
With Managed Detection & Response - along with the Customer Advisor, Customer Success Managers and the Support Team, there are a few other teams involved who work with the Customer and Customer Advisor.
Security Operations Center (SOC)
After deployment is complete and all monitoring requirements have been met, your environment will be assigned to one of our Security Operations Center (SOC) Pods staffed by our world-class analysts. These pods of analysts ensure that each customer receives continuous 24x7x365 monitoring coverage for high-and-low-fidelity alerts. This pod model enables our SOC team to more thoroughly scale to ensure your environment is vigilantly monitored and our team can better identify known and unknown threats to your business, such as our monthly threat hunts. The MDR analysts are located in our Arlington, Dublin, and Melbourne SOCs. (For more information on the SOC team please see the SOC tab under Managed Detection & Response in the menu).
Rapid7's expert Incident Response (IR) Consultants have conducted hundreds of investigations and have decades of experience responding to compromises of all sizes and severity. These include small-scale opportunistic threats, corporate phishing attacks, credential theft, ransomware attacks, and sophisticated state-sponsored campaigns. Our professionals complement their expert analysis with knowledge of multiple, industry-leading technology platforms for rapid response and incident scoping. Our consultants are located throughout the US and are available 24x7x365 to help our customers. Rapid7's IR team is found within the Managed Services department under the Detection & Response (D&R) Practice.
Threat Intelligence Team
Rapid7’s Threat Intelligence team supports the MDR SOC and CAs with analysis and new detections. Our Threat Intelligence team of researchers identifies new attack trends across the global threat landscape and uses these findings to create in-product detection mechanisms for new vulnerabilities, exploits, and attack campaigns. The Threat Intelligence Team is located in our Arlington office.