Introduction

Rapid7 Threat Command delivers proactive defense by transforming threat intelligence into automated security action. It monitors your external threat profile, aggregates and analyzes tens of thousands of threats, and automates the risk mitigation life cycle.

Threat Command leverages ground-breaking data-mining algorithms and unique cyber reconnaissance capabilities to continuously scan the surface, deep, and dark web to deliver actionable, contextual reconnaissance about potential threats to your organization, employees, executives, and board members. It seamlessly integrates with your existing security solutions to eliminate operational vulnerabilities, secure data, and protect resources.

Threat Command includes the following modules:

  • Threat Command: Threat Command monitors tens of thousands of sources across the surface, deep, and dark web to deliver tailored threat intelligence based on your organization’s unique digital assets.
  • Threat Intelligence Platform (TIP): TIP aggregates threat feeds and prioritizes IOCs in a single threat-management platform for accelerated triage, prioritization, response, and remediation.
  • Vulnerability Risk Analyzer (VRA): VRA provides an enriched view of Common Vulnerabilities and Exposures (CVEs). Using proprietary intelligence data from the clear, deep, and dark web, VRA prioritizes CVE data so you can focus on those CVEs that are most relevant to your business.
  • Automation: Automation streamlines the threat remediation process by integrating with existing security solutions to automate threat blocking and accelerate the threat takedown process for external threats.
  • Threat Third Party (TTP): TTP enables you to extend tailored threat intelligence to third-party organizations, helping you identify threats targeting third parties and understand how those threats pose a risk to your organization.
  • IntSights Extend Browser Extension: Extend brings the power of the Threat Command to your desktop. By using Extend on any web page, you can view indicators and CVEs on that web page.
  • Phishing Watch: Phishing Watch helps your organization identify attacks before phishing websites emerge attempting to redirect legitimate users from your official site.

Many of these modules support multi-tenant threat management. For more information, see Multi-Tenant Threat Management.

You can read this guide from "cover-to-cover," or you can get started immediately with the section that interests you.

Before you begin, ensure that you have registered as a user with the Rapid7 Threat Command, as described in Register to Threat Command.