Overview

In the past two years our team has done an enormous amount of work building a security team from the ground up. Ultimately this has resulted in bolstering Rapid7’s security posture and mitigating risks, but these are three key points that distinguish us:

1. We collaborate with all areas of the business. For example:
• By completing industry-standard security audits, vendor assessments and meeting directly with customers, we build a level of trust that is critical for driving revenue.
• We regularly partner with our product and engineering teams, offering thoughtful feedback on Rapid7’s products and contributing to their roadmaps. Sometimes our contributions are even more direct – during an overnight hackathon, we worked on a project that could ultimately enable industry-standard Single Sign-on in Rapid7’s Platform.
• We’ve established our team as a visible, helpful and approachable resource. Rapid7 employees feel comfortable reaching out to us to report suspicious activity at work, enabling us to respond more effectively to security incidents.

2. Our focus on automation continuously improves efficiency. Through our home-grown “Knex” event management and workflow platform, we’ve automated our work processes in ways that security solution providers don’t yet (effectively) cover. This improves our team’s efficiency and allows us to try out solutions that could be incorporated into Rapid7 products down the road or become future open source projects. One of our most successful Knex modules to date is an automated phishing analysis tool – it has allowed us to greatly streamline our phishing response process – and works seamlessly with our existing phishing detection approaches.

3. We’re involved in our community. Our team members speak at local and national events, serve as board members, host Kali Linux meet-up groups, teach community college classes, and contribute to several open source projects.