“不仅仅是一个小贩, a Full Partner": Junior Achievement and Rapid7 are an Unparalleled Combination

平稳过渡

“我们将Rapid7与几家供应商进行了比较. 我觉得我们有一个相当严格的过程，”兰德斯内斯透露. “Rapid7 graded out really well as far as functionality, ease of use, and cost. Since we’re a for-impact/non-profit organization, price is always top of mind for us. Our contacts were really good at showing us what the platform was going to look like, 解释实施过程是怎样的, 以及我们这边需要做什么.”

Landsness shared that after Junior Achievement signed up to use InsightAppSec, InsightVM, 管理检测 & Response, and Pentesting Services with Rapid7, things got easier, rather than challenging.

"在我们的端点上安装单个代理, desktops, and servers, and then creating a log server in our data center went really pretty easily. We were very happy with the onboarding experience and enjoyed the efficiency of using one agent for multiple platforms,” he recalled. “Fast-forward to today, and we consider them more than just a vendor – they’re a full partner.”

每个人都喜欢一块玻璃

像许多安全专家一样，Landsness喜欢简单. So it’s not surprising that when asked about his favorite feature within a Rapid7 product, 他重复了一句熟悉的话. “对我们来说，这是一块单一的玻璃，”他断言. “我们是一个小团队. 我有三个系统管理员类型的人向我汇报. 所有内容都在一个主机上，而且非常简单.”

当然，这不仅仅是为了便于Landsness使用. He also appreciates the coverage and attention to detail that have characterized his experience with Rapid7. Rapid7不仅为我们提供了一个专门的团队, 有一个人工智能组件可以查看我们所有的日志,” he explained. “It’s constantly ingesting our data, which we just can’t do manually because of our size.”

青少年成就和MDR:“没有人闯入”

Junior Achievement uses Rapid7’s managed detection and response (MDR) services, InsightVM, 和InsightAppSec——所有这些都是他们运营不可或缺的一部分. However, Landsness was quick to point to MDR as their “bread and butter” due to its outsize benefits – the regular, 迅速通知异常情况, Landsness说, is invaluable. Round-the-clock monitoring provided by Rapid7 SOC analysts is something Landsness and his team rely on – and more importantly, 他们对Rapid7的交付能力充满信心. 

“We probably get an alert or two per week of behaviors that are not consistent with what normally happens. And so, they’ll raise a ticket, and we’ll go take a look at it,” he shared. “We were alerted to a vulnerability in our firewall that needed to be patched really quickly recently, and we were able to remedy it before any of my other sources even knew about it.” 

To bring 24/7 SOC monitoring in-house would’ve been impractical and expensive. But it was a requirement laid out by Junior Achievement’s cybersecurity insurance provider. The value from Rapid7 on this front can’t be understated – by Landness’ estimates, hiring someone in-house to do what Rapid7 does would easily cost twice the cost of Rapid7’s premiums.

遵从性和一致性 

Furthermore, adhering to COPPA (regulatory compliance for the protection of children’s educational information) is an essential part of their job as well. Landsness对Rapid7实现这两个目标的能力感到满意, and he also shared that effective 24/7 monitoring fully aligns their Junior Achievement’s mission and values.

“We want to be a secure place for students and their families,” he intimated. “Nobody wants bad things to happen with student data or even materials. 我们很高兴能保证它的安全. Someone’s always trying to hack into something, but with Rapid7, no one’s breaking in.”

InsightVM:一个无价的工具

MDR may be Junior Achievement’s “bread and butter” but Landness says his favorite feature is actually within another platform – InsightVM. 

“I have this dashboard where I have everything I want, everywhere I need to go. In that dashboard, there’s a panel where you can sort all of your devices by how up-to-date they are in security patches. 这样我们就能知道是否遗漏了什么. 或者如果作业停止更新服务器. 或者如果用户一直推迟打补丁。”

这些知识节省了Landness的时间和烦恼. “拥有这些直接的知识是非常宝贵的. And it happens way before it probably normally would in the course of doing your job without the tool,” he shared. “这是一个很大的帮助.”

少年成就的下一章

The next chapter in Junior Achievement’s security journey is pen-testing. While they’ve previously conducted such tests every other year, they now plan to up their game. 计划是每年进行一次渗透测试. “Partnering with Rapid7 on that, and what we do with the results, is going to be big for us. We’re just going to continue to try to be ever more secure in what’s a crazily insecure world right now.”