Rapid7 Case Studies Enhancing Cybersecurity in Commercial Real Estate: A Case Study on Rapid7 Solutions
Edit This Case Study Record
Rapid7 Logo

Enhancing Cybersecurity in Commercial Real Estate: A Case Study on Rapid7 Solutions

Rapid7
Analytics & Modeling - Real Time Analytics
Platform as a Service (PaaS) - Application Development Platforms
Cement
National Security & Defense
Maintenance
Product Research & Development
Cybersecurity
Tamper Detection
Cybersecurity Services
Training
The case study revolves around the challenges faced by Tony Hamil, a senior cybersecurity engineer for a commercial real estate development company based in Dallas, Texas. The company operates in an industry that is not heavily regulated by the government, but still faces significant cybersecurity challenges. Hamil's role includes a wide range of responsibilities, from application setup to maintenance, integrations, and alert monitoring. The company's IT environment is unique due to the lack of government regulations, but it adheres to the CIS and NIST standards voluntarily. The company has a large number of remote sites and users, making it crucial to maintain security whether the employees are working onsite or remotely. The company's biggest security challenges include patch management and user and asset management. The team often struggles with installing patches properly, leaving the system vulnerable. Additionally, the process of onboarding and offboarding employees from an IT and security perspective was a significant challenge.
Read More
The customer in this case study is a commercial real estate development company based in Dallas, Texas. The company operates in an industry that is not heavily regulated by the government, but it still faces significant cybersecurity challenges. The company has a large number of remote sites and users, making it crucial to maintain security whether the employees are working onsite or remotely. The company's IT environment is unique due to the lack of government regulations, but it adheres to the CIS and NIST standards voluntarily. The company's biggest security challenges include patch management and user and asset management. The team often struggles with installing patches properly, leaving the system vulnerable. Additionally, the process of onboarding and offboarding employees from an IT and security perspective was a significant challenge.
Read More
To address these challenges, the company has been using Rapid7’s InsightVM and Metasploit products for nearly five years. They also incorporated InsightIDR and the Managed Detection and Response (MDR) service as their extended SOC team. Most recently, they introduced InsightConnect to support their initiative for more integration, automation, and orchestration to make their security operations more fluid. InsightIDR has been used as the source of truth for alerts, data, and user activity, allowing the team to quickly understand what’s happening. InsightConnect has automated the onboarding and offboarding process, making it seamless. The company also uses InsightConnect to ensure patching happens every time, on time. It helps to isolate malicious users or systems by automatically gathering data for the team to make quick decisions. The company is also exploring containers to embed security at the beginning of their development projects. With InsightVM, they will be able to monitor containers during the development process to ensure they are secure before they are pushed to production.
Read More
The use of Rapid7's products has significantly improved the company's cybersecurity operations. The automation and orchestration provided by InsightConnect have not only saved significant employee time but also reduced user error. The real-time data gathering by InsightVM has helped the company discover issues in their patching solution, leading to improved security configurations. The company now has a single-pane-of-glass view of their security operations, with InsightIDR serving as the source of truth for alerts, data, and user activity. The company has also benefited from Rapid7's customer relationship program, which provides regular check-ins and assistance. The training offered by Rapid7 has helped the company set up their security operations and make the most of the products they own. Looking forward, the company plans to focus on integrations with the cloud to further enhance their security program.
Automating the onboarding process with InsightConnect turned a five- to six-hour process into a five- to six-minute process, saving 30 hours a week of employee time.
InsightConnect's automation significantly reduced user error.
InsightVM's real-time data gathering helped the company discover issues in their patching solution, leading to improved security configurations.
Download PDF Version
test test