I use the product on and off as we are Trillium, a Rapid7 distributor. For pre-sales purposes and to study the features, we maintain contact with Rapid7 Exposure Command.
What is our primary use case?
What is most valuable?
I find two to three features of Rapid7 Exposure Command most valuable. First, the attack surface management is exceptional. Rapid7 is fundamentally a vulnerability management product, and this represents their unique strength. When they perform attack surface management through scanning of public IPs, DNS reputation, and public domains of a customer, they excel at finding vulnerabilities and relating them to relevant CVEs and CVSS scoring systems, providing appropriate risk ratings. This attack surface management feature is quite strong.
Another valuable feature is dark web exposure monitoring. They scan and crawl dark web channels such as Telegram and other dark web forums and leak forums to check whether particulars linked with a customer's domain, credentials, or other IPs are for sale on the dark web or if data has leaked elsewhere. They report these findings comprehensively.
Rapid7 Exposure Command provides me with satisfaction knowing that my external attack surface and digital risk are being monitored. Every organization is exposed to the internet world, and Rapid7 Exposure Command provides visibility into how much we are exposed to the internet and whether our critical data or critical vulnerabilities are exposed to the public. If they are exposed publicly, both good actors and malicious actors operate online, and the malicious actors will leverage such exposure. This visibility is necessary and is being provided effectively by Rapid7 Exposure Command.
What needs improvement?
I believe there are two to three areas where Rapid7 Exposure Command can be improved. First, cloud integrations and the ability to assess cloud posture are essential components of an organization's external attack surface nowadays. Rapid7 Exposure Command has the cloud posture assessment feature, but in my opinion, it should be linked with cloud compliance requirements being introduced locally and internationally.
Secondly, regarding data criticality, Rapid7 Exposure Command integrates the DSPM feature, which stands for Data Security Posture Management. I believe this feature is present, but it requires enhancement with global data protection regulations such as GDPR.
I am learning about more features in products such as Rapid7 Exposure Command. I mentioned cloud posture assessment across Oracle Cloud, Azure Cloud, and AWS Cloud. Features specific to these cloud offerings would be beneficial. With AWS having separate cloud offerings, Rapid7 Exposure Command must cover all available AWS offerings and relevant services. To be honest, this is an area where I am still learning, so I cannot provide a precisely detailed answer.
For how long have I used the solution?
How are customer service and support?
Rapid7 has very good technical support staff, and I would rate their job at nine out of ten.
What other advice do I have?
Intelligent automation plays a very crucial role in refining my risk prioritization process because, in recent years, security researchers and leaders have realized that security tools alone are insufficient to deal with security threats. We must stay ahead of attackers, and achieving this requires very effective threat intelligence automation operations, which are directly linked with countermeasures to threats. The term threat hunting emphasizes the need for proactiveness in our daily conversations. Cybersecurity is not simply about a reactive approach; we must be proactive, and to effectively address cyber threats, threat intelligence is a key requirement.
I use two to three metrics to measure the effectiveness of Rapid7 Exposure Command's real-time reporting capabilities. I assess how good the reports are, how concise they are, and whether the information is relevant. There is a possibility of many false positives when dealing with attack surface management and internet crawling, including deep and dark web crawling. Therefore, report quality depends on how effectively false positives are being filtered, and a very concise, actionable, and to-the-point report is a key metric for determining a good product.
Rapid7's user-friendly interface has helped my security team make informed decisions. I have been working with Rapid7 products for seven to eight years. One of their very good features is that their products are user-friendly, and I require around three to four days maximum to become familiar with their products. If a new product is released, I need only three to four days to become accustomed to the interface. The interface is very user-friendly, and there are informational texts where further details are helpful; hovering over them provides very good explanations as well as definitions of technical terms.
In the Pakistani market, Rapid7 Exposure Command's pricing is on the expensive side, and that represents one of the challenges we are facing.
I have not checked the simulation feature in Rapid7 Exposure Command, but I believe it was not included in the first release of the product.
My overall rating for this product is seven point five out of ten.
