Posts by Christie Ott

3 min Automation and Orchestration

Automating User Provisioning and Deprovisioning with Security Orchestration, Automation, and Response (SOAR)

Here are three ways security orchestration and automation tools can streamline the user provisioning and deprovisioning process.

3 min Automation and Orchestration

How to Automate Threat Hunting with SOAR for Faster Response Times

In this blog, we highlight four ways security orchestration and automation (SOAR) tools can streamline the threat hunting process.

3 min Automation and Orchestration

How to Automate Phishing Investigations and Remediation

Here are four ways security orchestration and automation (SOAR) tools can streamline the phishing investigation process.

4 min Automation and Orchestration

How Security Orchestration & Automation Can Add Immediate Value

Thanks to security orchestration and automation (SOAR), it is possible to work efficiently with the resources you already have.

5 min User Behavior Analytics

[Q&A] Why Every Threat Detection Strategy Needs User Behavior Analytics

VP of Product Sam Adams explains how UBA works and how it’s evolved over the years to become a core part of threat detection and response strategies.

3 min Automation and Orchestration

Three Expensive Security Operations Costs and How to Minimize Them with SOAR

With the release of our Security Orchestration and Automation ROI Calculator, here are the three areas where companies spend the most resources on security.

4 min Threat Intel

Q&A with Rebekah Brown, Rapid7 Threat Intel Lead, on Attacker Behavior Analytics

Hear from Rebekah Brown, Rapid7’s threat intel lead, on Attacker Behavior Analytics and how Rapid7 is developing next gen threat detections for customers.

4 min InsightIDR

Unifying Security Data: How to Streamline Endpoint Detection and Response

Collecting data from the endpoint can be tedious and complex (to say the least). Between the data streaming from your Windows, Linux, and Mac endpoints, not to mention remote authentication and the processes running on these assets, there is a lot of information to gather and analyze. Unless you have a deep knowledge of operating systems to build this yourself—or additional budget to add these data streams to your SIEM tool [https://www.rapid7.com/fundamentals/siem/]—it may not be feasible for y

4 min InsightIDR

How to Identify Attacker Reconnaissance on Your Internal Network

The most vulnerable moment for attackers is when they first gain internal access to your corporate network. In order to determine their next step, intruders must perform reconnaissance to scout available ports, services, and assets from which they can pivot and gain access to customer databases, credit card data, source code, and more. These initial moments are arguably your best opportunities to catch attackers before critical assets are breached, but unfortunately, it can be very challenging t