"100% More Efficient": Rapid7 Cuts Response Time from Hours to Minutes for Taylor Rose
关于泰勒·罗斯法
泰勒·罗斯法成立于2009年, bringing a fresh and distinctive commercial and client satisfaction focus to law. 排名前60的律师事务所, Taylor Rose is extremely proud of its 100-year plus heritage and the successful mergers it has undertaken to deliver its strategy to become a leading law firm in England and Wales. With a proud heritage and a unique management structure unlike any other law firm, 公司的理念是传递智慧, modern law.
Adrian Thompson is the former Chief Security Officer for Taylor Rose and former head of IT and InfoSec. Reporting directly to the Taylor Rose CIO, Thompson worked for the law firm for over nine years. 汤普森和他的同事克雷格·杰克逊, 泰勒·罗斯的信息安全工程师, connected with Rapid7 in late summer 2023 to discuss their cybersecurity journey with Rapid7.
Challenge
在接受公民社会组织的角色时, Thompson discovered some “glaring holes” in Taylor Roses’ security posture and determined that existing processes were too cumbersome and inefficient for his liking. Thompson, 鸟瞰他们的安全态势, and Jackson, 谁负责日常运营, knew that Taylor Rose needed a solution that enhanced visibility while simultaneously simplifying workflows.
Solution
Enter Rapid7. Thompson immediately realized that with Rapid7’s XDR and SIEM platform InsightIDR,以及合作伙伴关系和提供的服务 MDR, his team could become proactive instead of reactive, as well as efficient rather than disorganized.
“We were able to quickly and easily investigate and had all the tools and data and everything we needed in one place,汤普森回忆道. “Before, we would have to go into five or six different consoles to try and piece together what was happening. 这显然阻碍了我们的威胁反应, because we were responding slowly to whatever was occurring.”
快进到今天. Thompson says his team is still efficient and thriving thanks to InsightIDR. In fact, they’re up for the Information Security Team of the Year Award at the upcoming British Legal Technology Awards.
“Our team is 100 % more efficient now than pre-Rapid7 – and that’s not an exaggeration!他轻声笑着说。. “The time to address an incident has gone from hours to under an hour. We’re lightyears ahead of where we were at before InsightIDR and MDR. 如果没有他们,我们将需要一个更大的团队.”
易于设置,使用的乐趣
Rapid7's MDR is built on InsightIDR—Rapid7's leading SIEM and XDR platform—which gives MDR customers not only an extended team comprised of elite SOC analysts, 还包括亲身操作insighttidr的能力. Thompson largely credits the new-found efficiency to the resulting ease of use, including a low barrier to entry in terms of languages and the interface.
“还有其他一些产品, you need to be really proficient in query writing and that sort of thing,杰克逊透露道。. “如果你在这方面没有经验的话, you’re probably having to scroll through loads of lines of code that you might not understand or you might not need, 或者这可能与你无关.”
In contrast, 持续的杰克逊, Rapid7’s MDR team filters all of the “noise” down to the most important information. “You know straight away where to investigate and how to start your investigation,” he explained.
Thompson then interjected to beam about Rapid7’s MDR coverage. “它从任何地方获取信息,”他表示赞同. “你可以在一个地方得到所有的信息. It covers firewalls and everything, the coverage is complete.”
掌握新出现的威胁
One of Thompson’s favorite aspects of Rapid7 is the Monthly Threat Hunt, which Rapid7 sends to customers to keep them apprised of the most pressing emerging threats across the cyber landscape.
“例如, 最近出现的MOVEit漏洞, Rapid7’s SOC conducted a threat assessment within our environment to make sure that we’re not vulnerable to it,汤普森分享道。. “这样的东西绝对是无价的, 否则, our staff are going to be spending days trying to work out where the issue is. 这对我写董事会报告很有帮助, because I can confidently say that we’re responding to any new threats or vulnerabilities efficiently. 我们在他们上面.”
客户服务是关键
There’s another key ingredient to the successful partnership of Rapid7 and Taylor Rose. Jackson waxed poetic about his relationship with not only his customer advisor and SOC analysts, 而是整个Rapid7社区.
“这里的服务非常棒. We just had our monthly review call today with our dedicated security specialist, 交流是持续的. 不仅如此, Rapid7举办了大量的活动和网络研讨会, 你会觉得自己是团队的一员. 我不知道我参加过多少活动. 我今天早些时候开始听Rapid7播客!” he said.
“这是一个广泛的社区和伟大的人. We’ve met people from all the way throughout the business and they’re all absolutely great to get on with.”
According to Jackson, anyone who is new to Rapid7 need not be shy. He also highly recommends taking advantage of Rapid7’s “brilliant” documentation and support.
“文件非常全面. It’s really simple to follow, really helpful, and you can’t go wrong,” he advised. “Reach out to your customer advisor, because honestly, they’re brilliant. 他们会很快上手的. Even if it’s something that might be slightly out of scope. Not only will they do it, they’ll show you how to do it yourself as well. If you do those two things, then you’ll absolutely have a really good experience with Rapid7.”
在没有开销的情况下获得完整的端到端SOC
