MTC Report Deliverables
With your Managed Threat Complete (MTC) service, you’ll receive various report deliverables uploaded to your Rapid7 Services Portal delivered via the secure file transfer system. Sample deliverables and reports are shown below and listed in the appendix to the right.
These reports supplement various types of alerts and notifications from the MTC service. Examples of these can be found on the MTC notifications page.
Monthly Service Reports
Provided to your team on a monthly basis, this report provides metrics and context about threat detection and incident response activities conducted in the previous month, along with information about the health of detection and response controls in your environment.
View an example MDR Service Report
Below is a video overview of the Service Report. One of our Managed Detection & Response Customer Advisors breaks down each section in details to make it easy to understand the details in the report.
Incident Response Reports
This report details all analysis and incident management activities, key findings, the timeline of attacker activity, and recommended corrective actions to prevent the likelihood of recurrence and/or improve your ability to detect and respond to similar incidents in the future.
Service Update & Threat Briefing Presentation
As an MTC Advanced customer, your Customer Advisor will meet with your team on a monthly basis to:
- Recap the previous month’s MTC related security activities and key metrics
- Perform a security posture review and collaborate with your team to determine a gameplan to strengthen your security posture
- Review your security program against our critical controls framework to strategically improve your security maturity
- Provide advice on your future security projects if requested
Additionally, this review may include metrics to measure and highlight the progress you’ve made to strengthen your security posture by collaborating with your Customer Advisor and Rapid7. These present a high-level snapshot of MTC related security activities and trending analysis that can be shared with Executive teams to prove the value and ROI of Rapid7 MTC.
View an example Threat Briefing & Trend Reporting Presentation
Security Posture Assessment Report
Once the Insight Agent is deployed to 80% or more of the endpoints in your in-scope environment, a Security Posture Assessment will be performed to hunt for potential avenues for a future breach and assess your current security posture. The report deliverable provides remediation and mitigation recommendations to reduce these risks.
If the Security Posture Assessment finds that there is an active compromise, the incident response process will be initiated, and you will be notified by e-mail and/or phone (depending on incident severity).
View an example Security Posture Assessment Report
Critical Security Controls Assessment
Your Customer Advisor will work with you to assess, develop, and present a roadmap to improve your overall security program based on the Center for Internet Security - Critical Security Controls v8. The CIS Critical Security Controls (CIS Controls) is a prioritized set of safeguard best practices to mitigate the most prevalent cyber-attacks against systems and networks, and is often referenced by multiple legal, regulatory, and policy frameworks. This roadmap will be guide for your monthly Security Posture Review Meetings and presents an opportunity for Rapid7’s experts to collaborate with your team to strategically improve our detection visibility and response capabilities.
View an example Critical Security Controls Assessment Report
D&R Readiness Assessment
As part of MTC Advanced customer onboarding, you’ll meet with our team for a one-day, interview-based, qualitative assessment of your organization’s detection & response capability and operational resilience. The output of this will help your Customer Advisor to develop a roadmap to accelerate your security maturity and being your journey with Rapid7 MTC.
View an example excerpt from the D&R Readiness Assessment Deliverable
IR Planning Workshop
During onboarding, our team will host a collaborative session to help you build an Incident Response Plan and IR Runbook for engaging with the Rapid7 MTC service.
View an example excerpt from the IR Planning Workshop Deliverable.