Rapid7, Inc. has announced a groundbreaking development in its global security operations center (SOC) teams. The company’s Rapid7 AI Engine, which serves as the backbone of its Insight Platform, now boasts cutting-edge generative artificial intelligence (AI) capabilities, revolutionizing the delivery of its industry-leading managed detection and response (MDR) services.
The Rapid7 AI Engine, a powerful analytics engine, assists the company’s global SOC team throughout the entire attack lifecycle. By leveraging a vast and diverse set of risk and threat data, the engine enhances threat detection and alert triage, automatically distinguishing between malicious and benign alerts. The integration of both traditional machine learning (ML) and generative AI models provides a multi-layered approach to validate the accuracy of security alert labeling. This innovative approach allows Rapid7 analysts to focus their efforts on investigating critical security signals rather than wasting time on false positives.
🆕 Now introducing: Generative AI. We’ve extended the Rapid7 AI Engine to include new Generative AI capabilities used by our internal SOC teams, transforming how we deliver our MDR services.
— Rapid7 (@rapid7) June 13, 2024
Read on: https://t.co/1B3k2AqBKz
Laura Ellis, vice president of data and AI at Rapid7, emphasizes the company’s long-standing commitment to pioneering AI technologies. “For years, we’ve pioneered the application of AI technologies, establishing patented models and incorporating them into our technologies to better and more efficiently solve customer challenges,” Ellis stated. “We remain at the forefront with generative AI, enhancing our world-class MDR services, ensuring that we continue to deliver unparalleled results for our customers.”
The Rapid7 AI Engine powers the company’s AI-native SOC assistant, providing MDR analysts with instant access to relevant and actionable information for complex security events. By utilizing Rapid7’s extensive internal knowledge bases, the SOC assistant guides analysts through intricate investigations and streamlines response workflows, keeping them ahead of potential threats.
Jeremiah Dewey, senior vice president of managed services and product delivery at Rapid7, highlights the significant impact of the AI Engine’s SOC assistant on the company’s expert teams. “Our AI Engine’s SOC assistant is a powerful tool for our expert teams,” Dewey remarked. “They are now exponentially more effective, due to the increased efficiency and speed in which they can respond to threats and mitigate risks, a significant advantage for our MDR customers and partners.”
Rapid7’s AI Engine also accelerates incident response, enabling customers to quickly understand and implement mitigation measures. By automating the first draft of incident reports, SOC analysts can deliver services more efficiently, focusing their efforts on reviewing, finalizing, and providing guidance to customers before moving on to the next pressing action.
Rapid7’s in-house operation of its AI Engine ensures a continuous feedback loop between frontline analysts and the AI and data science team. The company’s deployment process involves releasing AI models to internal SOC teams for training and testing before rolling them out to customers via in-product experiences. This approach guarantees the accuracy and actionability of the information provided by Rapid7’s models.
With an expansive range of event data sources, proprietary security datasets, and emergent threat intelligence, Rapid7 captures over 4.8 trillion security events each week. This vast collection of datasets and telemetry fuels a powerful learning environment for AI models, solidifying Rapid7’s position as a leader in AI-driven cybersecurity solutions.