Rapid7 > Case Studies > Enhancing Cybersecurity in Commercial Real Estate: A Case Study on Rapid7 Solutions

Enhancing Cybersecurity in Commercial Real Estate: A Case Study on Rapid7 Solutions

Rapid7 Logo
Technology Category
  • Analytics & Modeling - Real Time Analytics
  • Platform as a Service (PaaS) - Application Development Platforms
Applicable Industries
  • Cement
  • National Security & Defense
Applicable Functions
  • Maintenance
  • Product Research & Development
Use Cases
  • Cybersecurity
  • Tamper Detection
Services
  • Cybersecurity Services
  • Training
About The Customer
The customer in this case study is a commercial real estate development company based in Dallas, Texas. The company operates in an industry that is not heavily regulated by the government, but it still faces significant cybersecurity challenges. The company has a large number of remote sites and users, making it crucial to maintain security whether the employees are working onsite or remotely. The company's IT environment is unique due to the lack of government regulations, but it adheres to the CIS and NIST standards voluntarily. The company's biggest security challenges include patch management and user and asset management. The team often struggles with installing patches properly, leaving the system vulnerable. Additionally, the process of onboarding and offboarding employees from an IT and security perspective was a significant challenge.
The Challenge
The case study revolves around the challenges faced by Tony Hamil, a senior cybersecurity engineer for a commercial real estate development company based in Dallas, Texas. The company operates in an industry that is not heavily regulated by the government, but still faces significant cybersecurity challenges. Hamil's role includes a wide range of responsibilities, from application setup to maintenance, integrations, and alert monitoring. The company's IT environment is unique due to the lack of government regulations, but it adheres to the CIS and NIST standards voluntarily. The company has a large number of remote sites and users, making it crucial to maintain security whether the employees are working onsite or remotely. The company's biggest security challenges include patch management and user and asset management. The team often struggles with installing patches properly, leaving the system vulnerable. Additionally, the process of onboarding and offboarding employees from an IT and security perspective was a significant challenge.
The Solution
To address these challenges, the company has been using Rapid7’s InsightVM and Metasploit products for nearly five years. They also incorporated InsightIDR and the Managed Detection and Response (MDR) service as their extended SOC team. Most recently, they introduced InsightConnect to support their initiative for more integration, automation, and orchestration to make their security operations more fluid. InsightIDR has been used as the source of truth for alerts, data, and user activity, allowing the team to quickly understand what’s happening. InsightConnect has automated the onboarding and offboarding process, making it seamless. The company also uses InsightConnect to ensure patching happens every time, on time. It helps to isolate malicious users or systems by automatically gathering data for the team to make quick decisions. The company is also exploring containers to embed security at the beginning of their development projects. With InsightVM, they will be able to monitor containers during the development process to ensure they are secure before they are pushed to production.
Operational Impact
  • The use of Rapid7's products has significantly improved the company's cybersecurity operations. The automation and orchestration provided by InsightConnect have not only saved significant employee time but also reduced user error. The real-time data gathering by InsightVM has helped the company discover issues in their patching solution, leading to improved security configurations. The company now has a single-pane-of-glass view of their security operations, with InsightIDR serving as the source of truth for alerts, data, and user activity. The company has also benefited from Rapid7's customer relationship program, which provides regular check-ins and assistance. The training offered by Rapid7 has helped the company set up their security operations and make the most of the products they own. Looking forward, the company plans to focus on integrations with the cloud to further enhance their security program.
Quantitative Benefit
  • Automating the onboarding process with InsightConnect turned a five- to six-hour process into a five- to six-minute process, saving 30 hours a week of employee time.
  • InsightConnect's automation significantly reduced user error.
  • InsightVM's real-time data gathering helped the company discover issues in their patching solution, leading to improved security configurations.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.