Infoblox Inc., the network control company that provides Actionable Network Intelligence and Rapid7, Inc. (NASDAQ: RPD), a leading provider of analytics solutions for security and IT operations, today announced new solution integrations to provide enhanced security orchestration capabilities. The integration enables security operations teams to automate asset discovery, gain visibility of diverse networks, and improve the efficiency of vulnerability management programs. Organizations will benefit from increased operational efficiency, reduced risk exposure, and improved security posture.
Today’s networks use diverse deployment architectures including physical, virtual, and hybrid cloud; a 2016 IDG Enterprise Cloud Computing Survey estimates that 73% of organizations have adopted at least one cloud security component. A significant challenge facing enterprises is getting visibility of what’s on the network because without this knowledge, there is no way to identify risks and threats. Infoblox IP Address Management (IPAM) and security solutions together with Rapid7 Nexpose and newly released InsightVM combine visibility with security orchestration capabilities allowing organizations to automate scanning when new devices join the network or when malicious activity is detected in real time. This can identify threats faster by providing visibility of malicious activity without having to wait for the next scanning cycle.
“Infoblox uses threat intelligence and analytics that enable users to detect and block data exfiltration and malware communications at the DNS level,” said Kanaiya Vasani, vice president of business development at Infoblox. “Infoblox technology can trigger Rapid7 to scan the compromised assets for vulnerabilities, without having to wait for the next scheduled scan. This real-time information and security orchestration enables organizations to break down silos and reduce network blind spots, and automatically take action to block threats and remediate quickly.”
Rapid7 Nexpose and InsightVM’s live monitoring gathers continuous data, whether via agents or agentless, to provide security professionals with increased visibility into the risk posed by their entire network footprint, including cloud, virtual, and endpoints. The vulnerability management solutions are designed to provide a fully available, scalable, and efficient way to collect vulnerability data and minimize risk. InsightVM automatically evaluates changes in users’ networks the moment they happen, allowing security professionals to better understand and quickly manage the risk posed to their organization.
“Constant change and a rapidly shifting threat landscape is the new-normal for security professionals. Having solutions in place that help provide full, immediate visibility into risk, so security teams can act fast to remediate, is critical,” said Lee Weiner, chief product officer at Rapid7. “Organizations require constant intelligence to discover, locate, and fix threats. Together with Infoblox, we are delivering on the promise of real-time visibility into risk and optimized workflow for accelerated action.”
Infoblox and Rapid7 provide security orchestration capabilities:
- Asset Discovery and Management – Infoblox IPAM and security solutions provide device discovery and single source of truth for devices and networks. These solutions notify Rapid7 Nexpose and InsightVM when new devices join or when new virtual workloads are spun up. Rapid7 can leverage this information for organizing assets, automated tracking and providing a detailed view of the network.
- Malicious Event Based Scanning – Infoblox uses curated threat intelligence and streaming analytics to help detect and block data exfiltration and malware communications at the DNS level. It can proactively limit the spread of malware like ransomware and disrupt the cyber kill chain.
- Context for prioritization – Infoblox shares actionable network intelligence and context (such as type of device, device location on the network, associated user, and event timing) around new and/or infected network assets to help prioritize scanning and remediation.
- Compliance Enforcement and Audit – Infoblox technology triggers Rapid7 software to check new physical or virtual devices that join the network for security and compliance posture before these devices are allowed on the network. This integration also provides valuable network information for audit reports.
Rapid7 (NASDAQ:RPD) is trusted by IT and security professionals around the world to manage risk, simplify modern IT complexity, and drive innovation. Rapid7 analytics transform today’s vast amounts of security and IT data into the answers needed to securely develop and operate sophisticated IT networks and applications. Rapid7 research, technology, and services drive vulnerability management, penetration testing, application security, incident detection and response, and log management for more than 6,300 organizations across more than 120 countries, including 39% of the Fortune 1000. To learn more about Rapid7 or join our threat research, visit www.rapid7.com.
About Infoblox Technology Alliance Partner Program
The Infoblox Technology Alliance Partner Program is designed to meet customer demand for solutions that can seamlessly share data and intelligence and integrate with existing workflow and infrastructure. Through this program Infoblox can help lower the cost of integration, reduce the friction associated with tying together multiple, disparate systems, and increase the value of existing investments in security, next-generation data centers, and network infrastructure. https://www.infoblox.com/partners/technology-partners/
Infoblox delivers Actionable Network Intelligence to enterprise, government, and service provider customers around the world. As the industry leader in DNS, DHCP, and IP address management, the category known as DDI, Infoblox (www.infoblox.com) provides control and security from the core—empowering thousands of organizations to increase efficiency and visibility, reduce risk, and improve customer experience.
Rachel E. Adam