Rapid7 管理检测和响应 provides cybersecurity “eyes 和 ears” for leading law firm




对温斯洛普 & Weinstine

温斯洛普 & Weinstine is ranked as one of the leading law firms in the United 状态s. Representing 15 industries 和 scores of practice areas, including corporate/M&A, 一般商业诉讼和房地产法律, 它的130多名律师夜以继日地为客户提供帮助. 它主管, 克雷格·威尔逊, 已经执掌公司21年了, 在这段时间里,我们见证了技术领域的变革. 


像温斯洛普这样的律师事务所 & 温斯坦处理极为敏感的客户信息, 而且是越来越受网络攻击者欢迎的目标. They needed an accurate, automated way to detect 和 respond to cyber threats. 最终, the firm concluded that the sheer volume of threats facing firms today is such that only an expert third-party provider would be able to offer the 24/7 protection 温斯洛普 & Weinstine需要.


Rapid7的 管理检测和响应服务 combine the expertise of Rapid7的 SOC analysts 和 threat intel team with the company’s leading threat detection 和 response technology, InsightIDR. MDR团队成为了温斯洛普全天候的“耳目” & Weinstine需要. 作为一个虚拟组织, 他们能够达到95%的洞察力代理部署, 从整个IT环境中收集数据.

Wilson’s mission has always been to make his end users as efficient 和 productive as possible, which is why the entire firm now runs virtualized servers 和 desktop infrastructure. This has been complemented with the introduction of iPads 和 OneNote accounts to support remote working, 加强与法律助理的合作, 公司工作与生活的平衡也得到了全面改善.

然而, Wilson is also aware that this kind of digital transformation must be matched by investments in cybersecurity, or the wished-for benefits will be outweighed by increased risk exposure. 像温斯洛普这样的律师事务所 & 温斯坦处理极为敏感的客户信息, 而且是越来越受网络攻击者欢迎的目标.


Wilson knew he needed an accurate, automated way to detect 和 respond to cyber threats. He started by gauging whether the job could be done in-house by adding to his 10-strong IT team. 然而, he soon came to the conclusion that the sheer volume of threats facing firms today is such that only an expert third-party provider would be able to offer the 24/7 protection 温斯洛普 & Weinstine需要. That’s where Rapid7 管理检测和响应 (MDR) services came in.

“I wanted an outside company to be the eyes 和 ears looking out for us all the time. So I did my own research, talked with peers 和 seeing which company would fit,” he explains.

“当我开始这个过程时,我们的客户经理非常出色. She had so much passion for Rapid7 that she was very open with the product. 她一路帮助我,给了我所有的答案,”威尔逊补充道. “我们考察了七家公司...when I get involved, it’s like I’m doing an interview as if you’re part of my department. 这可以归结为三个不同的供应商, 和 everybody I’ve worked with in Rapid7 has been just as informed 和 passionate.”


Rapid7的 管理检测和响应服务 combine the expertise of Rapid7的 SOC analysts 和 threat intel team with the company’s leading threat detection 和 response technology, InsightIDR. 最重要的是, InsightIDR centralizes disparate security data 和 applies both user 和 attacker behavior analytics (UBA & 寻求妥协, leaving no place for the bad guys to hide—whether they’re external or insider threats. 除了分析, InsightIDR comes with an EDR agent—the Insight Agent supports Windows, Mac, 和linux,以及多种形式的欺骗技术, 从蜜罐到蜂蜜使用者, 凭证, 和文件.

The MDR service began with a compromise assessment 和 deployment of InsightIDR. 温斯洛普 & Weinstine很快达到了95%的Insight Agent部署, 多亏了100%的虚拟组织. The ability to spot threats was called into action early on when InsightIDR detected a live, multi-faceted attack simulation being carried out by another vendor red team, 威尔逊说.

“这很有趣。,他补充道, “because when I talked to my MDR customer advisor (CA) 和 shared that this was just an exercise, 我们的CA回应道, 让我们的团队进行调查,并做出回应.’ I thought that was great 和 showed a proactive mindset where Rapid7 wanted to test 和 improve their team, 太.”

Preventing threats as early in the kill chain as possible is essential for firms if they want to minimize the cost 和 reputational damage that can result from a serious attack or breach.

Wilson has also been impressed with the one-to-one help he has received from the Rapid7 team with things like identifying risky misconfigurations. He notes that the suggestions he’s received have helped to “change the way I’m thinking.”

“Rapid7 is my security arm providing ‘change thought’ in my department,他补充道. “I really feel, particularly for Rapid7, that I have my own CISO on staff. My customer advisor does a great job every month of going through key findings 和 reports. He’s providing critical, consistent information to us that we can use 和 move forward with.”

更重要的是, Wilson has confidence that any communications he sends will be answered accurately 和 in detail by the team. “如果我们有问题, we know we can send it to the email 和 you have a group of people looking out for you,他说. “我从不觉得自己把什么东西送入了黑洞.”


As for the future: Wilson 和 his team are excited about the possibilities Rapid7 has brought to the table. While the detection 和 response capabilities in MDR are already making a real difference to the company’s risk mitigation efforts, Wilson is looking forward to creating custom automated workflows 和 managing more 太ls with InsightIDR. He’s also considering utilizing Rapid7 reports to assist in answering clients’ security assessments.

很明显威尔逊很重视组织的安全, 和 he’s leveraging Rapid7 MDR 和 InsightIDR to give his team the monitoring 和 flexibility they need. 他渴望继续为他们的客户坚持这一标准.

" class="hidden">《寻龙记》