Optimising Incident Response with Rapid7 InsightIDR: key takeaways from our latest workshop

We have just hosted another successful workshop, which brought together cyber security professionals for an immersive, hands-on experience dedicated to optimising incident response with InsightIDR. Hosted at the Rapid7 office in Reading, this deep-dive session was presented by Longwall’s expert team, featuring Beau Ingram, Nick Griffiths, Oliver Warne and Mat Cornish.
Attendees got to pick our cyber experts' brains and gained valuable insights into enhancing their response strategies, tackling specific challenges and maximising the potential of InsightIDR in real-world scenarios. Through live demos, interactive breakout sessions, and guided labs, participants explored key elements of the incident response lifecycle (not to mention the Monopoly Longwall special game!).

Workshop highlights:
Identify success factors in incident response
Our experts outlined the fundamental elements of successful incident response: clear incident prioritisation and risk management, automation and orchestration for streamlined workflows, effective security control investment and communication strategies during high-pressure events.
Mastering log searching and LEQL queries
Participants learned how to efficiently search and analyse logs within InsightIDR. Guided exercises allowed participants to develop expertise in LEQL (Log Event Query Language), gaining confidence in crafting powerful queries to detect anomalous behaviour and pinpoint potential security threats faster.
Planning, identifying and responding to cyber threats
A significant portion of the workshop was dedicated to incident detection and response planning. Attendees worked through practical scenarios, exploring:
- Early threat detection mechanisms to spot malicious activity
- Incident classification and escalation protocols
- Best practices for containment, eradication and recovery
Threat hunting: proactively strengthening cyber defences
Our experts introduced advanced threat hunting techniques, demonstrating how organisations can move beyond reactive security measures. Through hands-on labs, participants explored:
- Using LEQL to proactively hunt for shadow IT like plaintext passwords
- Creating custom detection rules for behaviour anomalies with business context
- Using a digital forensic investigation tool (Velociraptor) for endpoint forensic analysis
By the end of this session, attendees said they had gained a deeper understanding of proactive security strategies, enhancing their ability to detect and mitigate threats before they escalate.
Visualising data for better decision-making
Cyber security success depends on data-driven decision-making. Participants learned how to use InsightIDR’s powerful visualisation features to:
- Identify trends in security events
- Pinpoint high-risk users and activities
- Report on investigations to measure efficiency
This segment helped attendees turn raw data into actionable intelligence, streamlining investigative workflows and improving security operations.
Expanding capabilities beyond InsightIDR
As a centralised detection and response platform, InsightIDR excels at rapid threat identification. However, integrating complementary security tools can further enhance overall cyber security posture. Our experts walked attendees through:
- Leveraging security automation to reduce manual workload
- Use cases for threat intelligence and Security Orchestration, Automation and Response (SOAR) integration
- Using Velociraptor to extend threat hunting to hardware-level investigation
Attendees left with a broader perspective on optimising their security stack, ensuring maximum resilience against evolving cyber threats.
Network with like-minded security professionals
This workshop concluded with exclusive insights into upcoming developments in InsightIDR and broader security trends. Attendees engaged in a live Q&A session, tapping into the expertise of Longwall’s cyber security specialists to discuss industry challenges, best practices and predictions for the future.
Final thoughts & looking ahead
This workshop was an invaluable experience, providing participants with practical skills and deep technical knowledge to enhance their incident response strategies. The interactive format encouraged collaborative problem-solving, ensuring that every attendee walked away with new techniques and solutions tailored to their organisation’s security needs.
We want to extend a huge thank you to everyone who participated, shared their insights, and contributed to an engaging day of learning. As cyber security threats continue to evolve, staying ahead requires continuous education and collaboration, and we’re committed to providing more opportunities for our community to grow.
Stay connected!
Interested in future workshops and webinars? Fill out this form to hear back from us regarding upcoming events, webinars and information.