AI anomaly detection

Rapid7 has introduced its newest innovation in artificial intelligence (AI)-driven threat detection for the cloud. Now available in early access to select Rapid7 customers, this enhancement improves SOC teams’ visibility and response time to cyber threats across public cloud environments.

Rapid7’s cloud anomaly detection is an AI-powered, agentless detection capability designed to detect and prioritize anomalous activity within an organization’s cloud environment. The proprietary AI engine continuously learns and adapts to the customer’s environment, surfacing suspicious behavior and automatically suppressing benign signals to reduce noise. This results in a significant reduction in false positives and enables teams to focus on investigating and responding to active threats. When such activity is identified, native automation within the Rapid7 platform can immediately adjust configurations, right-size permissions and privileges, and integrate SOC, engineering, and IT teams into incident investigations.

“Identifying threats in the cloud has traditionally been a complex problem for organizations to solve,” said Aniket Menon, Vice President of Product Management, Rapid7. “This is critical in the SOC environment, where teams can’t waste time investigating innocuous alerts. We are always striving to reduce a customer's mean time to respond, especially in highly dynamic cloud environments, where AI and ML are critical in addressing the scale and velocity of alerts to enable effective investigation and response.”

Rapid7’s cloud anomaly detection combines with cloud providers’ services to help detect known and unknown threats earlier and surface true-positive alerts. Rapid7 customers can access these cloud threat detections in their investigation and response workflows on a single SecOps platform.