3 min
Automation and Orchestration
Automating User Provisioning and Deprovisioning with Security Orchestration, Automation, and Response (SOAR)
Here are three ways security orchestration and automation tools can streamline the user provisioning and deprovisioning process.
3 min
Automation and Orchestration
How to Automate Threat Hunting with SOAR for Faster Response Times
In this blog, we highlight four ways security orchestration and automation (SOAR) tools can streamline the threat hunting process.
3 min
Automation and Orchestration
How to Automate Phishing Investigations and Remediation
Here are four ways security orchestration and automation (SOAR) tools can streamline the phishing investigation process.
4 min
Automation and Orchestration
How Security Orchestration & Automation Can Add Immediate Value
Thanks to security orchestration and automation (SOAR), it is possible to work efficiently with the resources you already have.
5 min
User Behavior Analytics
[Q&A] Why Every Threat Detection Strategy Needs User Behavior Analytics
VP of Product Sam Adams explains how UBA works and how it’s evolved over the years to become a core part of threat detection and response strategies.
3 min
Automation and Orchestration
Three Expensive Security Operations Costs and How to Minimize Them with SOAR
With the release of our Security Orchestration and Automation ROI Calculator, here are the three areas where companies spend the most resources on security.
4 min
Threat Intel
Q&A with Rebekah Brown, Rapid7 Threat Intel Lead, on Attacker Behavior Analytics
Hear from Rebekah Brown, Rapid7’s threat intel lead, on Attacker Behavior Analytics and how Rapid7 is developing next gen threat detections for customers.
4 min
InsightIDR
Unifying Security Data: How to Streamline Endpoint Detection and Response
Collecting data from the endpoint can be tedious and complex (to say the least).
Between the data streaming from your Windows, Linux, and Mac endpoints, not to
mention remote authentication and the processes running on these assets, there
is a lot of information to gather and analyze. Unless you have a deep knowledge
of operating systems to build this yourself—or additional budget to add these
data streams to your SIEM tool [https://www.rapid7.com/fundamentals/siem/]—it
may not be feasible for y
4 min
InsightIDR
How to Identify Attacker Reconnaissance on Your Internal Network
The most vulnerable moment for attackers is when they first gain internal access
to your corporate network. In order to determine their next step, intruders must
perform reconnaissance to scout available ports, services, and assets from which
they can pivot and gain access to customer databases, credit card data, source
code, and more. These initial moments are arguably your best opportunities to
catch attackers before critical assets are breached, but unfortunately, it can
be very challenging t