Rapid7 > 实例探究 > US Naval Academy Alumni Association & Foundation Relies on Rapid7 UserInsight for Identifying Compromise and Risky User Behavior

US Naval Academy Alumni Association & Foundation Relies on Rapid7 UserInsight for Identifying Compromise and Risky User Behavior

Rapid7 Logo
公司规模
SME
地区
  • America
国家
  • United States
产品
  • Rapid7 UserInsight
技术栈
  • User Behavior Analytics
  • Geolocation Information
  • Automated Analysis
实施规模
  • Enterprise-wide Deployment
影响指标
  • Cost Savings
  • Customer Satisfaction
  • Digital Expertise
技术
  • 网络安全和隐私 - 身份认证管理
  • 网络安全和隐私 - 网络安全
  • 网络安全和隐私 - 安全合规
适用功能
  • 商业运营
  • 设施管理
用例
  • 入侵检测系统
  • 网络安全
  • 远程资产管理
服务
  • 系统集成
  • 培训
关于客户
The US Naval Academy Alumni Association & Foundation is a non-profit organization dedicated to supporting the alumni of the United States Naval Academy. With a membership of 70,000 living alumni, the organization plays a crucial role in maintaining connections and providing support to its members. The organization operates independently of government resources, which presents unique challenges in terms of funding and resource allocation. Ken Kurz, the Director of Information Services, brings extensive experience in information assurance and security engineering to the organization, having previously worked for the NSA. His role involves managing the IT infrastructure and ensuring the security of personal information for the alumni.
挑战
In a non-profit organization, cost-effectiveness is essential. The USNA Alumni Association & Foundation needed to build a security architecture to protect personal information of alumni. Ken Kurz, the Director of Information Services, faced the challenge of managing an infrastructure that supports 70,000 living alumni without leveraging government resources. The primary concern was to ensure the security of personal information while operating within the constraints of a non-profit budget. Ken's extensive background in information assurance and high-level security engineering made him well-suited for the task, but the challenge remained significant due to the unique constraints of the non-profit sector.
解决方案
Rapid7 UserInsight was chosen to provide situational awareness into users and common attack patterns. The solution offers real-time visibility of compromised user credentials and worldwide authenticated users, which is vital for securing the population of remote officers. UserInsight helps in detecting and investigating attacks leveraging compromised credentials, user impersonation, and lateral attacker movement. It provides a full picture of activity in one place and offers automated analysis to identify anomalous behavior, saving security teams time and improving accuracy. Additionally, UserInsight's geolocation information alerts the security team if there are multiple failed ingress attempts from unexpected locations, helping to quickly identify and respond to potential threats.
运营影响
  • UserInsight provides a comprehensive view of user activity, consolidating information that would otherwise be scattered across systems.
  • The solution offers automated analysis to identify anomalous behavior, improving the accuracy and efficiency of security teams.
  • Geolocation information helps in quickly identifying and responding to potential threats from unexpected locations.
  • UserInsight enables real-time monitoring of user authentication locations, extending to cloud services and mobile devices.
  • The solution helps in detecting common attack patterns such as pass-the-hash and harvesting credentials, providing security professionals with control over alerts.
数量效益
  • 76% of network intrusions involve compromised credentials, highlighting the importance of UserInsight's capabilities.
  • The solution identified user credentials involved in data breaches, such as the Stratfor Global Intelligence breach in 2011.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

相关案例.

联系我们

欢迎与我们交流!
* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

感谢您的信息!
我们会很快与你取得联系。