Rapid7 Case Studies Enhancing Cybersecurity in Commercial Real Estate: A Case Study on Rapid7 Solutions

Edit This Case Study Record

	Enhancing Cybersecurity in Commercial Real Estate: A Case Study on Rapid7 Solutions Rapid7

Enhancing Cybersecurity in Commercial Real Estate: A Case Study on Rapid7 Solutions

Rapid7

Technology Category	Analytics & Modeling - Real Time Analytics Platform as a Service (PaaS) - Application Development Platforms
Applicable Industries	Cement National Security & Defense
Applicable Functions	Maintenance Product Research & Development
Use Cases	Cybersecurity Tamper Detection
Services	Cybersecurity Services Training
Challenge	The case study revolves around the challenges faced by Tony Hamil, a senior cybersecurity engineer for a commercial real estate development company based in Dallas, Texas. The company operates in an industry that is not heavily regulated by the government, but still faces significant cybersecurity challenges. Hamil's role includes a wide range of responsibilities, from application setup to maintenance, integrations, and alert monitoring. The company's IT environment is unique due to the lack of government regulations, but it adheres to the CIS and NIST standards voluntarily. The company has a large number of remote sites and users, making it crucial to maintain security whether the employees are working onsite or remotely. The company's biggest security challenges include patch management and user and asset management. The team often struggles with installing patches properly, leaving the system vulnerable. Additionally, the process of onboarding and offboarding employees from an IT and security perspective was a significant challenge. Read More
About Customer	The customer in this case study is a commercial real estate development company based in Dallas, Texas. The company operates in an industry that is not heavily regulated by the government, but it still faces significant cybersecurity challenges. The company has a large number of remote sites and users, making it crucial to maintain security whether the employees are working onsite or remotely. The company's IT environment is unique due to the lack of government regulations, but it adheres to the CIS and NIST standards voluntarily. The company's biggest security challenges include patch management and user and asset management. The team often struggles with installing patches properly, leaving the system vulnerable. Additionally, the process of onboarding and offboarding employees from an IT and security perspective was a significant challenge. Read More
Solution	To address these challenges, the company has been using Rapid7’s InsightVM and Metasploit products for nearly five years. They also incorporated InsightIDR and the Managed Detection and Response (MDR) service as their extended SOC team. Most recently, they introduced InsightConnect to support their initiative for more integration, automation, and orchestration to make their security operations more fluid. InsightIDR has been used as the source of truth for alerts, data, and user activity, allowing the team to quickly understand what’s happening. InsightConnect has automated the onboarding and offboarding process, making it seamless. The company also uses InsightConnect to ensure patching happens every time, on time. It helps to isolate malicious users or systems by automatically gathering data for the team to make quick decisions. The company is also exploring containers to embed security at the beginning of their development projects. With InsightVM, they will be able to monitor containers during the development process to ensure they are secure before they are pushed to production. Read More Log in to view content
Contents

Technology Category

Analytics & Modeling - Real Time Analytics

Platform as a Service (PaaS) - Application Development Platforms

Applicable Industries

Cement

National Security & Defense

Applicable Functions

Maintenance

Product Research & Development

Use Cases

Cybersecurity

Tamper Detection

Services

Cybersecurity Services

Training

Challenge

The case study revolves around the challenges faced by Tony Hamil, a senior cybersecurity engineer for a commercial real estate development company based in Dallas, Texas. The company operates in an industry that is not heavily regulated by the government, but still faces significant cybersecurity challenges. Hamil's role includes a wide range of responsibilities, from application setup to maintenance, integrations, and alert monitoring. The company's IT environment is unique due to the lack of government regulations, but it adheres to the CIS and NIST standards voluntarily. The company has a large number of remote sites and users, making it crucial to maintain security whether the employees are working onsite or remotely. The company's biggest security challenges include patch management and user and asset management. The team often struggles with installing patches properly, leaving the system vulnerable. Additionally, the process of onboarding and offboarding employees from an IT and security perspective was a significant challenge.

About Customer

The customer in this case study is a commercial real estate development company based in Dallas, Texas. The company operates in an industry that is not heavily regulated by the government, but it still faces significant cybersecurity challenges. The company has a large number of remote sites and users, making it crucial to maintain security whether the employees are working onsite or remotely. The company's IT environment is unique due to the lack of government regulations, but it adheres to the CIS and NIST standards voluntarily. The company's biggest security challenges include patch management and user and asset management. The team often struggles with installing patches properly, leaving the system vulnerable. Additionally, the process of onboarding and offboarding employees from an IT and security perspective was a significant challenge.

Solution

To address these challenges, the company has been using Rapid7’s InsightVM and Metasploit products for nearly five years. They also incorporated InsightIDR and the Managed Detection and Response (MDR) service as their extended SOC team. Most recently, they introduced InsightConnect to support their initiative for more integration, automation, and orchestration to make their security operations more fluid. InsightIDR has been used as the source of truth for alerts, data, and user activity, allowing the team to quickly understand what’s happening. InsightConnect has automated the onboarding and offboarding process, making it seamless. The company also uses InsightConnect to ensure patching happens every time, on time. It helps to isolate malicious users or systems by automatically gathering data for the team to make quick decisions. The company is also exploring containers to embed security at the beginning of their development projects. With InsightVM, they will be able to monitor containers during the development process to ensure they are secure before they are pushed to production.

Impact #1	The use of Rapid7's products has significantly improved the company's cybersecurity operations. The automation and orchestration provided by InsightConnect have not only saved significant employee time but also reduced user error. The real-time data gathering by InsightVM has helped the company discover issues in their patching solution, leading to improved security configurations. The company now has a single-pane-of-glass view of their security operations, with InsightIDR serving as the source of truth for alerts, data, and user activity. The company has also benefited from Rapid7's customer relationship program, which provides regular check-ins and assistance. The training offered by Rapid7 has helped the company set up their security operations and make the most of the products they own. Looking forward, the company plans to focus on integrations with the cloud to further enhance their security program.

Impact #1

The use of Rapid7's products has significantly improved the company's cybersecurity operations. The automation and orchestration provided by InsightConnect have not only saved significant employee time but also reduced user error. The real-time data gathering by InsightVM has helped the company discover issues in their patching solution, leading to improved security configurations. The company now has a single-pane-of-glass view of their security operations, with InsightIDR serving as the source of truth for alerts, data, and user activity. The company has also benefited from Rapid7's customer relationship program, which provides regular check-ins and assistance. The training offered by Rapid7 has helped the company set up their security operations and make the most of the products they own. Looking forward, the company plans to focus on integrations with the cloud to further enhance their security program.

Benefit #1	Automating the onboarding process with InsightConnect turned a five- to six-hour process into a five- to six-minute process, saving 30 hours a week of employee time.
Benefit #2	InsightConnect's automation significantly reduced user error.
Benefit #3	InsightVM's real-time data gathering helped the company discover issues in their patching solution, leading to improved security configurations.

Benefit #1

Automating the onboarding process with InsightConnect turned a five- to six-hour process into a five- to six-minute process, saving 30 hours a week of employee time.

Benefit #2

InsightConnect's automation significantly reduced user error.

Benefit #3

InsightVM's real-time data gathering helped the company discover issues in their patching solution, leading to improved security configurations.

Download PDF Version

Overview

Enhancing Cybersecurity in Commercial Real Estate: A Case Study on Rapid7 Solutions

Operational Impact

Quantitative Benefit