InsightVM 和 InsightIDR Empower 悉尼科技大学 to Be Proactive with Cybersecurity

挑战

Like their counterparts in educational institutions across the globe, Allen 和 Degotardi have to contend with a growing range of cyber-threats. Universities are increasingly targeted by financially motivated cyber-criminals 与ransomware 和 钓鱼式攻击 旨在窃取员工和学生的个人信息. 但他们也受到来自 国家支持的黑客美国热衷于窃取突破性研究成果来推动R&D国内的努力. Degotardi说, it has been a goal of UTS to transform from a reactive security organization to something that is much more proactive.

来帮助实现这一转变, Degotardi was keen to refresh the UTS’ existing vulnerability management 和 SIEM solutions to drive improved visibility 和 control. 有了这个变化, they hoped to tackle issues before they escalate into major problems, 和 identify areas where security could be improved to reduce the overall workload on the IT security team.

解决方案

UTS选择了Rapid7 InsightVM for its superior reporting, user interface, 和 vulnerability detection. The product’s “wonderful” 指示板 are widely praised by Allen, helping to improve communication across the security team 和 with system administrators. The feedback has been positive so far 和 the end goal is that all IT stakeholders will soon be able to access 指示板 与其角色相关.

使用与InsightVM相同的代理, the InsightIDR solution has also benefitted the UTS team in its ease of deployment, as well as turning heads for its power 和 speed—saving IT time 和 helping to reduce risk more efficiently.

为什么InsightVM?

“仪表板是一个很好的时间快照. 让我们看一看, 深入研究, 你可以继续点击和钻东西,他说.

The product’s asset criticality tags in particular have helped to improve the efficiency of IT teams, ensuring they have a single pane view of the university’s mission-critical systems 和 applications, 是否有任何突出的补丁需要应用.

The Insight Agent has also been a great benefit for the UTS team, especially in its ease of setup deployment 和 because it doesn’t first require authentication from each system it’s running on.

“The agent now gets rolled out to any new server being run up. 它是预配置的代理, 从系统管理员的角度来看，这使工作变得容易得多, 因为他们只是部署包, 完成了,艾伦解释道。. 从系统管理团队的角度来看, 这样容易多了, 他们现在已经适应得多了, 因为一旦系统运转起来，砰的一声. The agent is communicating back to the collector, 和 it's all good.”

独一无二的SIEM

The “ace up its sleeve” is that InsightIDR is unlike anything else on the market, 成为一个完整的基于saas的SIEM平台, 据艾伦说.

“这是吸引人的地方之一, not having to deal with patching 和 updating it 和 looking after it 和 all sorts of other things that become a pain,他补充道. “拥有这种能力很棒.”

甚至更好的, UTS got up 和 running with InsightIDR in just a couple of hours 和 is providing visibility into threats that the institution simply didn’t have before. He sees further time savings 和 improvement around IT productivity with the custom parser that “works like a dream,” enabling them to ingest 和 correlate disparate data sources. Allen 和 his team can also perform simple searches on users linked to security events 和 view all the information they need on one screen, 只需点击一下. He praises the speed of the product itself: taking just five minutes to sift through 400 million events.

InsightIDR even allowed UTS to ditch its existing file integrity monitoring solution (FIM) 和 use the product’s built-in capabilities to help staff 和 students looking for missing files.

个人接触

在一起, Rapid7解决方案, including the newly added application security testing solution, AppSpider, 是否有助于提高生产力, 削减开支, 和 drive visibility 和 control for the UTS IT security team. A user-centric approach means Allen 和 his colleagues can spend more time doing, 更少的时间来加速.

“It's nice having that sort of UX-centric approach to it rather than a technical approach—it just makes it a lot easier to give people access,他说.

最重要的是, they’ve managed to cut the number of tickets that need reviewing each day, saving time 和 helping the small team focus on the highest priority tasks. The Insight Agent has saved even more valuable time on deployment 和 ongoing management.

那么，Rapid7团队呢? Allen is delighted there’s local client-facing support Down Under, 以避免深夜或清晨打电话到美国.

“It’s nice having somebody catch up with you every couple of weeks, every couple of months. That's pretty much how we came to be InsightIDR 和 AppSpider customers—purely through those interactions,他总结道。. “So, 不管我们的客户经理在干什么, 保持下去, because that's the personal touch that makes a big difference.”