While defenders focus on advanced malware, attackers are using compromised credentials to impersonate regular users and fly under the radar. Most security programs can’t detect this behavior, so intruders’ lateral movement goes unnoticed, and security professionals are buried under thousands of false-positive alerts. Instead of focusing on the perimeter, you need detection in depth, covering endpoints, cloud services, and mobile devices. With UserInsight, you’ll confidently detect security incidents before attackers cause damage. You’ll be able to focus on what matters because you won’t be distracted by false-positive alerts. UserInsight correlates user behavior across your entire ecosystem so intruders have nowhere to hide. Best of all: You’ll no longer have to write rules to detect attacks.


With UserInsight you can:

• Detect stealthy intruder movement

• Eliminate alert fatigue

• Get endpoint visibility without “yet another agent”

• Set traps for intruders

• Put your threat intelligence to work

• Move at the speed of the attacker

  • Screen_1

Detect Attacks Automatically

UserInsight helps you detect incidents before they turn into a breach. To achieve this, we study how attacks happen and detect intruder behavior on the network by combining our attacker knowledge with analytics - a discipline we call intruder analytics. We follow intruders wherever they may go: on your servers, endpoints, mobile devices and in the cloud. We obsess about keeping false positives low - they're distracting and costly. In addition to analyzing behaviors, we also set traps for intruders and notify you when they are triggered.


Investigate Quickly

Investigating incidents is time consuming, requiring specialized expertise and lots of patience. However, time is not an abundant resource when an intruder is on the network and incident responders are hard to hire. UserInsight enables your entire team to investigate an incident, providing instant user context for all activities. We keep years of data immediately searchable and help you pin your findings on a timeline.


Connect Solutions

Seventy-four percent of security professionals criticize that incident investigation solutions lack integration with other products. UserInsight connects with your existing monitoring solutions to add user context, bring analytics to your SIEM, and integrates with your strategic cloud services and business applications. While some monitoring solutions require months of professional services, UserInsight provides value in days and reduces your operational cost through a secure, scalable cloud infrastructure.

Office Facilities US & Canada, Asia-Pacific, Japan, European Markets, Emerging markets
Support Model Direct through third party or partner
Support Coverage Hours 24x7 Standard business hours, with after hours pager support
TAC Hotline 866-390-8113
TAC Support Alias null
TAC URL https://www.rapid7.com/support/


Version Verified Compatible Cisco Product Date Tested
1.0 None N/A