Intelligent CISO Issue 43 - Page 62



Cloud adoption has revolutionised security operations for organisations but has also introduced new risks . Nasar Saddiq , Senior Regional Manager , Middle East & Africa , Rapid7 , tells us how Rapid7 helps organisations address key challenges and why a cloud centric approach is important , as well as how organisations can best prepare and implement a strategy that protects them against threats .


Can you tell us about Rapid7 ’ s evolution and its offerings ?
The heart of Rapid7 ’ s evolution has been down to the vision of our executive leaders – our CEO , Corey E . Thomas , and our Chief Innovation Officer , Lee Weiner . They ' ve really had a clear vision on how to build great security products and offerings for the market .
We also have a very good culture , with core values around ‘ never being done ’ and ‘ impacting together ’. That has resonated and helped us to evolve and make sure we ' re relevant to customer needs or requirements .
A key part of us evolving and understanding what customers need is down to our global research and threat intelligence team . We have a couple of key projects ; one of which is around global Internet scanning and honeypot networks . That gives a good understanding of risk and exposure with external assets and how attackers are trying to breach networks .
We also have Metasploit – the number one offensive security penetration testing tool . With that , we have more than 300,000 contributors busy providing exploits and helping us to understand attacks .
All of that global research and threat intelligence goes a long way to help build really good products . We ' ve organically done some of this through R & D , but we ' ve also done it through key acquisitions in log management , cloud or container security and application security over the past six years .
That ’ s really culminated into having a security operations platform which we call Rapid7 Insight that essentially gives a customer the capability to address vulnerability risk management and application security , same-day detection and response , coupled with cloud security and automation of security processes .
Within that platform , Rapid7 has multiple leading technologies which are
Nasar Saddiq , Senior Regional Manager , Middle East & Africa , Rapid7
recognised by and validated by thirdparty analysts .
How has cloud revolutionised security operations for organisations and what are some of the threats that have been introduced through cloud adoption ?
In terms of cloud security , there are many benefits – one of which is centralised security . Just as cloud computing centralises applications and data , cloud security centralises protection . It also reduces the cost of cloud storage and eliminates the need to invest in dedicated hardware .
In terms of improving cloud security , there is a ‘ shift left ’ approach which essentially means shifting security early in development of the life cycle so you
62 www . intelligentciso . com