InsightVM and InsightIDR Empower 悉尼科技大学 to Be Proactive with Cybersecurity

Challenge

Like their counterparts in educational institutions across the globe, Allen and Degotardi have to contend with a growing range of cyber-threats. Universities are increasingly targeted by financially motivated cyber-criminals 与ransomware and 钓鱼式攻击 旨在窃取员工和学生的个人信息. 但他们也受到来自 国家支持的黑客美国热衷于窃取突破性研究成果来推动R&D国内的努力. Degotardi说, it has been a goal of UTS to transform from a reactive security organization to something that is much more proactive.

来帮助实现这一转变, Degotardi was keen to refresh the UTS’ existing vulnerability management and SIEM solutions to drive improved visibility and control. 有了这个变化, they hoped to tackle issues before they escalate into major problems, and identify areas where security could be improved to reduce the overall workload on the IT security team.

Solution

UTS选择了Rapid7 InsightVM for its superior reporting, user interface, and vulnerability detection. The product’s “wonderful” dashboards are widely praised by Allen, helping to improve communication across the security team and with system administrators. The feedback has been positive so far and the end goal is that all IT stakeholders will soon be able to access dashboards 与其角色相关.

使用与InsightVM相同的代理, the InsightIDR solution has also benefitted the UTS team in its ease of deployment, as well as turning heads for its power and speed—saving IT time and helping to reduce risk more efficiently.

为什么InsightVM?

“仪表板是一个很好的时间快照. 让我们看一看, 深入研究, 你可以继续点击和钻东西,” he says.

The product’s asset criticality tags in particular have helped to improve the efficiency of IT teams, ensuring they have a single pane view of the university’s mission-critical systems and applications, 是否有任何突出的补丁需要应用.

The Insight Agent has also been a great benefit for the UTS team, especially in its ease of setup deployment and because it doesn’t first require authentication from each system it’s running on.

“The agent now gets rolled out to any new server being run up. 它是预配置的代理, 从系统管理员的角度来看，这使工作变得容易得多, 因为他们只是部署包, 完成了,艾伦解释道。. 从系统管理团队的角度来看, 这样容易多了, 他们现在已经适应得多了, 因为一旦系统运转起来，砰的一声. The agent is communicating back to the collector, and it's all good.”

独一无二的SIEM

The “ace up its sleeve” is that InsightIDR is unlike anything else on the market, 成为一个完整的基于saas的SIEM平台, 据艾伦说.

“这是吸引人的地方之一, not having to deal with patching and updating it and looking after it and all sorts of other things that become a pain,” he adds. “拥有这种能力很棒.”

Even better, UTS got up and running with InsightIDR in just a couple of hours and is providing visibility into threats that the institution simply didn’t have before. He sees further time savings and improvement around IT productivity with the custom parser that “works like a dream,” enabling them to ingest and correlate disparate data sources. Allen and his team can also perform simple searches on users linked to security events and view all the information they need on one screen, 只需点击一下. He praises the speed of the product itself: taking just five minutes to sift through 400 million events.

InsightIDR even allowed UTS to ditch its existing file integrity monitoring solution (FIM) and use the product’s built-in capabilities to help staff and students looking for missing files.

个人接触

Together, Rapid7解决方案, including the newly added application security testing solution, AppSpider, 是否有助于提高生产力, 削减开支, and drive visibility and control for the UTS IT security team. A user-centric approach means Allen and his colleagues can spend more time doing, 更少的时间来加速.

“It's nice having that sort of UX-centric approach to it rather than a technical approach—it just makes it a lot easier to give people access,” he says.

最重要的是, they’ve managed to cut the number of tickets that need reviewing each day, saving time and helping the small team focus on the highest priority tasks. The Insight Agent has saved even more valuable time on deployment and ongoing management.

那么，Rapid7团队呢? Allen is delighted there’s local client-facing support Down Under, 以避免深夜或清晨打电话到美国.

“It’s nice having somebody catch up with you every couple of weeks, every couple of months. That's pretty much how we came to be InsightIDR and AppSpider customers—purely through those interactions,他总结道。. “So, 不管我们的客户经理在干什么, keep it up, because that's the personal touch that makes a big difference.”