Rapid7 has launched Intelligence Hub, a platform intended to equip security teams with actionable intelligence and contextual insights for improved threat detection and response.
The introduction of Intelligence Hub comes amid increasing challenges faced by security teams, with a recent survey indicating that two-thirds of Security Operations Centre (SOC) analysts have experienced a significant rise in the number of security alerts over the past three years. Additionally, 70% of respondents reported a substantial increase in the number of security tools they are required to use.
Intelligence Hub seeks to address industry issues such as fragmented intelligence platforms, lack of contextual information, and difficulties in prioritising security threats. The platform curates data from multiple sources, including Rapid7's proprietary honeypot network and research, as well as open-source communities. According to the company, a particular focus is placed on verifying low-prevalence, high-impact indicators to reduce the occurrence of false positives.
This curated intelligence is available directly in the Rapid7 Command Platform, which enables analysts to incorporate relevant threat information within their existing workflows. The system aims to help teams prioritise the most significant threats and accelerate remediation activities.
Raj Samani, Chief Scientist at Rapid7, commented: "Security organisations are drowning in noise, making timely responses to threats nearly impossible. Intelligence Hub addresses this challenge by focusing on curated intelligence, providing only the most relevant and verified indicators to enable rapid and effective action."
Intelligence Hub offers features designed to help security teams contextualise threats based on the specific industry sector, geographical location, exposure to vulnerabilities, and the tactics and techniques used by threat actors. The methodology for attributing threats is clearly defined to support targeted mitigation strategies and improved resource allocation.
The platform is structured to integrate with existing security tools, including Rapid7's next-generation Security Information and Event Management (SIEM) solution, InsightIDR. By delivering intelligence within established tools, Rapid7 aims to reduce the need for analysts to switch contexts during investigations, potentially leading to faster and more accurate responses.
The company states that Intelligence Hub prioritises the most relevant threats by analysing active attacker campaigns, sector-specific targeting, and exploitability. The intelligence is curated by Rapid7 Labs researchers, combining honeypot data, open-source information, and internal research. The intention is to present security teams with high-fidelity alerts that are most likely to be actionable.
Monika Soltysik, Senior Research Manager at IDC, highlighted some of the broader challenges in the threat intelligence market: "In IDC's October 2024 survey of U.S. organisations, the top three challenges with threat intelligence solutions were cost (42.2%), false positives and alert fatigue (40.0%), and data quality and reliability (39.7%). Solution providers that are proactively addressing these challenges, like Rapid7, are making it easier for their customers to understand and secure their attack surface."
Rapid7 positions Intelligence Hub as a proactive tool for helping organisations cut through data overload, reduce noise, and ensure that resources are allocated to managing verifiable and relevant security threats.
