Report Deliverables

With your MDR service, you’ll receive various report deliverables uploaded to your Rapid7 Services Portal delivered via the secure file transfer system. Newest reports automatically sort to the top.

You'll receive different types of reports & Notifications with Managed Detection and Response. Reports are shown before and also listed on the appendix to the right.

Monthly Service Reports

Provides metrics and context about threat detection and incident response activities conducted in the previous month, along with information about the health of detection and response controls in your environment.

MDR Service Report Example

MDR Service Report Example

Report Walkthrough

Below is a video overview of the Service Report. One of our Managed Detection & Response Customer Advisors breaks down each section in details to make it easy to understand the details in the report.

Incident Response Reports

This report details all analysis and incident management activities, key findings, the timeline of attacker activity, and recommended corrective actions to prevent the likelihood of recurrence and/or improve your ability to detect and respond to similar incidents in the future.

MDR Incident Report Example

Incident Report Example

Compromise Assessment Report

Once your team has deployed the Insight Agent to 80% or more of the endpoints in your in-scope environment, a Compromise Assessment will be performed to identify active or historic compromises or potential avenues for future breaches. The report will also include prioritized remediation and mitigation recommendations.

If the Compromise Assessment finds that there is an active compromise, the incident response process will be initiated, and you will be notified by e-mail and/or phone (depending on incident severity).

MDR Compromise Assessment Report Example

Compromise Assessment Report Link

Emergent Threat Response Notification

Upon learning of new vulnerabilities or threats that may impact our customers, the Rapid7 team will proactively communicate with all Rapid7 Managed Services customers through email with details of what we know, how customers can take proactive measures to protect themselves, and what our Rapid7 team is doing to assist them.

MDR Emergent Threat Response Notification Example

Incident Notification

Rapid7’s SOC team will send an initial notification immediately to your team via a Customer Portal case and e-mail notification to your designated contacts once an incident is validated to inform your team of the ongoing investigation and any preliminary response actions that the Rapid7 MDR SOC and CA team suggest taking as an immediate next steps.

Notification includes high-level details of the investigation:

  • Evidence of incident
  • Impacted asset hosts
  • Impacted users
  • Immediate remediation actions
  • Link to InsightIDR investigation
  • Any questions for your team

MDR Incident Notification Example