Rackspace Deploys RiskIQ PassiveTotal to Accelerate Investigation

Resources

Press Releases

Rackspace Deploys RiskIQ PassiveTotal to Accelerate Investigation and Response to Digital Threats

August 17, 2017

SAN FRANCISCO – Aug. 17, 2017 – RiskIQ, the leader in digital threat management, today announced that Rackspace has deployed RiskIQ PassiveTotal, a threat intelligence and investigation tool, to improve its ability to find, analyze, preempt, and respond to threats beyond the firewall. With PassiveTotal, Rackspace realized improvement in its mean time to respond (MTTR) on digital security issues, gained enhanced intelligence on external threats, and was able to more proactively monitor for domain and brand infringement. As a result, Rackspace extended cyber defenses for the company’s and its customers’ brands and hosted infrastructure.

Rackspace, a recognized leader in managed cloud services with customers in 150 countries, helps businesses tap the power of cloud computing without the complexity and cost of managing it themselves. Rackspace engineers deliver specialized expertise, easy-to-use tools, and Fanatical Support® for leading technologies, including AWS, Google, Microsoft, OpenStack, and VMware.

Like many other global enterprises and service providers, the company found it cumbersome and inefficient to obtain and utilize different sources of internet data sets, such as WHOIS, Passive DNS, IP blacklists, and SSL certificates, in response to researching exploits and possible hacking threats. Also, the company wanted to further enable safeguards to identify and assess domain infringement and brand abuse. It required threat intelligence that enhanced security staff capacity and could integrate with its existing security systems. Lastly, it wanted to provide its leadership with relevant insight on potential exposures, adversaries, and threat mitigation.

“Finding, analyzing, and responding to threats is a top priority, but it is challenging when the tasks are more manual. This consumes too many resources and may give threat actors more time to do potential harm,” said Gary Ruiz, Rackspace’s senior manager for cybersecurity. “With PassiveTotal, we can detect, verify, and respond to threats automatically, greatly lessening our time to respond to and mitigate issues. As a result, we can minimize or eliminate possible access to employee and customer information, while also defending Rackspace’s and our clients’ brands and domains from infringement through constant monitoring.”

Rackspace turned to RiskIQ PassiveTotal, which enabled it to centralize and consolidate tools and internet data sets, expedite investigations, and advance its security program to fortify external threat defenses. Because PassiveTotal collects, correlates, classifies, and monitors extensive internet data including exploits, attackers, and their infrastructure, Rackspace could more quickly understand and assess possible exposures, pertinent threat actors, and how they operate.

The solution’s intuitive web app interface provides correlated data pivoting, project collaboration, and active monitoring. Based on observed indicators of compromise (IOCs), like new domains and IPs, PassiveTotal facilitated Rackspace’s means to deploy preventative measures, as well as to identify other environments that might be susceptible to attack, thus helping to prevent future incidents. Also, PassiveTotal enables Rackspace’s security team to inform its upper management about pertinent exploits, corrective actions, and other companies that may want to collaborate.

Given its success with PassiveTotal, Rackspace plans to further leverage the platform’s API to automate data analysis and enrich context within its own applications, and anticipates expanding the use of RiskIQ’s product line.

Click here to read the full case study.

About RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social, and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk, and take action to protect business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners, and MassMutual Ventures. Visit RiskIQ.com or follow us on Twitter.

Try RiskIQ Community Edition for free by visiting https://www.riskiq.com/community/. To learn more about RiskIQ, visit www.riskiq.com.

###

© 2017 RiskIQ, Inc. All rights reserved. RiskIQ is a registered trademark of RiskIQ, Inc. in the United States and other countries. All other trademarks contained herein are property of their respective owners.

 

Contact
Alyssa Pallotti
Montner Tech PR
apallotti@montner.com
203-226-9290