News
Rapid7, Inc. announced that its Exposure Command solution supports AWS
November 2024 by Marc Jacob
Rapid7, Inc. announced that its Exposure Command solution now supports Amazon Web Services (AWS) Resource Control Policies (RCPs). As a launch partner for this powerful feature, Rapid7 now provides additional visibility, insights, and best practices that guide customers in addressing complex enterprise Identity and Access Management (IAM) challenges across the modern attack surface.
As businesses rapidly scale their AWS environments, they need additional visibility and tighter security controls in managing proliferating identities, resources, and their corresponding permissions. RCPs facilitate this by giving AWS customers more granular control over access at the resource level. Rapid7’s Exposure Command empowers organizations to implement a zero-trust approach that seamlessly integrates with their existing AWS cloud infrastructure, including AWS Service Control Policies (SCPs), which set permissions at the principal level. Through the addition of RCP support, Rapid7 enables customers to achieve a higher level of control, ensuring that resources and data remain protected, even as environments scale rapidly.
Exposure Command combines the power of 360-degree attack surface visibility with high-fidelity context enrichment, aggregating findings from Rapid7’s native exposure detection capabilities as well as third-party enrichment sources from customers’ existing technology ecosystem. This situational awareness enables teams to quickly zero in on the exposures attackers have in their sights, with the threat-aware risk context needed to assess, prioritize, and remediate vulnerabilities more efficiently and effectively.
Key Benefits of Exposure Command’s New RCP Support:
• Centralized RCP Monitoring and Governance: Exposure Command offers a single, unified view of RCP usage, making it easy for security teams to monitor and manage policies across their AWS environments.
• Enhanced Identity and Access Controls: RCP support extends Rapid7’s existing identity analysis capabilities, allowing organizations to automatically refine permissions organization-wide, prevent excessive access, and enforce least-privilege access (LPA) across AWS resources.
• Proactive Best Practice Recommendations: Rapid7 provides expert guidance on implementing RCPs effectively, enabling customers to align security controls with business objectives and regulatory requirements.
• Comprehensive AWS Coverage: In addition to RCPs and SCPs, Exposure Command offers a wide range of tools to protect AWS resources, including automated scanning and identification of vulnerabilities; real-time threat alerts for suspicious activities; and visibility and protection for AI and machine learning resources.
As cloud adoption continues to grow, Rapid7 remains committed to delivering the tools and insights organizations need to reduce risk, maintain compliance, and innovate securely alongside AWS.
