Rapid7 is thrilled to be named a Leader in The Forrester Wave™: Midsize Managed Security Services Providers, Q3 2020! The Forrester report states, “Recent acquisitions improved network analysis and visibility (NAV) and analytics, making the portfolio comprehensive enough to become a viable alternative to traditional MSSPs.”

We focus on three core competencies of security excellence: Detection & Response (Managed Detection & Response - MDR),  Vulnerability Management (Managed VM),  Application Security (Managed AppSec).

The report ranks Rapid7 a Leader among the top 12 midsized managed security service provider vendors on 26 significant criteria, with Rapid7’s comprehensive portfolio receiving the highest scores possible in 11 criteria.

These criteria made up three high-level categories where we believe Rapid7 performed exceptionally well:

●  Market Presence - Highest score out of all vendors

●  Strategy - Second highest score out of all vendors

●  Current Offering - Third highest score out of all vendors

At Rapid7, we strive to be a leader in both products and services. While traditional MSSPs can manage third-party technology, we’re thrilled to manage our own industry-leading solutions.

As a strategic partner, we empower customers to access Rapid7’s experts and technology to extend their team, with the resources and clear guidance needed to drive security operations and transparency within their organizations—without sacrificing control. We look out for their security program as if it was our own.

The state of MSSPs in 2020

The current MSSP landscape is diverging from traditional service models, which typically manage existing security solutions and focus on producing reports to justify the value of their MSSP activity.

With the cybersecurity industry facing resource and expertise challenges, customers are seeking MSSPs that not only offload the burden of staffing for 24/7 monitoring, but also help them develop vulnerability management and application security programs for deeper visibility of their environment and to minimize their attack surface.

Many managed security vendors have shifted their focus to specialize in verticals of security, specifically around managed detection and response (MDR). The emergence of MDR players isn’t groundbreaking, but it also does not tell the whole story.

Providers such as Rapid7—with both MDR and additional managed services—are emerging as leaders in the market. Customers appreciate new models that offer both “do it for you” and “do it with you” options to meet the needs of any security program, at any maturity level.

That’s where Rapid7 managed services shine. Our experts partner with you to make sure you’re protected from all attack vectors: users, endpoints, applications, and your network. Our mission is to accelerate your security—no matter your current maturity level—with the tools, resources, and security talent necessary to improve your detection and response, vulnerability management, and application security programs.

Advice for MSSP buyers

The Forrester Wave cites three critical aspects that all customers should seek in their MSSP. Here is how we believe Rapid7 addresses these criteria:

  1. “Threat intelligence that tells the whole story.”

At Rapid7, we prioritize illustrating the complete picture of potential threats and providing clear direction for each customer. This is best showcased through our team’s ability to work together with customers to tailor our services to their environment.

Our Customer Advisors set our services apart from competitors because most MSSPs struggle to provide meaningful dashboards and reporting, which is available to Rapid7 customers through the transparency the underlying technology, InsightIDR, offers.

In addition to continuously scanning and monitoring your applications, users, network, and endpoints for vulnerabilities or threats, our services also include built-in detections for what our experts are seeing across all of our customer environments, ensuring customers are always one step ahead of attackers.

2. “A true extension of their team.”

Rapid7 Managed Services focus on developing a purposeful partnership to extend customer security operations teams.

A partner should supplement and augment your internal teams through collaboration and teamwork, beyond just technology itself.  When developing our managed services, we realized that our customers had common challenges: difficulty hiring and retaining talent, not enough resources to stand up the program they envisioned, and difficulty finding success with limited budgets.

The goal of each of our distinct managed services is to simplify the complexities of cybersecurity through continuous collaboration and transparency only achievable with our experts and solutions. We credit this achievement to our deep partnership with customers to ensure we are creating products that address their core needs, and an uncompromising commitment to delivering these solutions in a way that moves their security program forward as an extension of their team.

3. “Integrations that support growing cloud—and Microsoft—security solutions.”

Just because you have additional technology doesn’t mean that it should be useless to your MSSP. We’ve prioritized ensuring that our solutions are compatible with, and include API event collection technologies into, our customer’s existing technology stacks. This includes ingesting data from Microsoft’s security suite, Azure, AWS, and additional cloud service providers.

Having this additional data makes our managed services even better, with deeper visibility into the customer’s environment.

Read the full Forrester Wave and its findings here.