4 min
SIEM
SIEM Security Tools: Six Expensive Misconceptions
Understanding recent improvements to traditional SIEMs incorporated by next-generation solutions proves critical to building a confident security posture.
3 min
Cloud Infrastructure
Why the Modern SIEM Is in the Cloud
Let’s talk about why modern SIEM is in the cloud, what core benefits you can expect, and how it is predicted to evolve as we soar toward 2020.
4 min
InsightIDR
Securing Your Cloud Environments with InsightIDR, Part 2: Amazon Web Services (AWS)
In this blog, we will talk about threat detection for the world’s most popular cloud host, Amazon Web Services (AWS).
4 min
Detection and Response
Forrester Tech Tide for Detection and Response: Is 2019 the Year of Convergence?
Rapid7 was recently recognized for capabilities spanning security user behavior analytics, security analytics, deception technology, SOAR, and file integrity monitoring.
4 min
Automation and Orchestration
Automation: The Ultimate Enabler for Threat Detection and Response
In our recent webcast series, we explain how companies can accelerate across their entire threat detection and response lifecycle by leveraging automation.
3 min
Compliance
Address the NAIC Insurance Data Security Model Law
The NAIC Insurance Data Security Model Law suggests a modern approach to detecting and responding to threats. This post looks at a few interesting requirements and shares how we can partner with your team across people, process, and technology.
5 min
Phishing
Phishing Attacks Duping Your Users? Here’s a Better Anti-Phishing Strategy.
You’ve hired the best of the best and put up the right defenses, but one thing
keeps slipping in the door: phishing emails. Part of doing business today,
unfortunately, is dealing with phishing attacks
[https://www.rapid7.com/fundamentals/phishing-attacks/]. Few organizations are
immune to phishing anymore; it’s on every security team’s mind and has become
the number one threat to organizations
[https://www.sans.org/reading-room/whitepapers/analyst/2017-threat-landscape-survey-users-front-line-3
4 min
InsightIDR
Attacker Behavior Analytics: How InsightIDR Detects Unknown Threats
InsightIDR customers now have an ever-evolving library of attacker behavior detections automatically matched against their data. Read on to learn how Rapid7 SOC and threat intel teams investigate a constant rumbling of attacker behavior and transform it into actionable threat intelligence.
4 min
Endpoint Security
Why Managed Detection and Response Zeroes In On the Endpoint
This post was co-written with Wade Woolwine
[https://www.rapid7.com/blog/author/wade-woolwine/], Rapid7 Director of Managed
Services.
What three categories do attackers exploit to get on your corporate network?
Vulnerabilities, misconfigurations, and credentials. Whether the attack starts
by stealing cloud service credentials, or exploiting a vulnerability on a
misconfigured, internet-facing asset, compromising an internal asset is a great
milestone for an intruder.
Once an endpoint is comprom
4 min
Detection and Response
Prepare for Battle: Let’s Build an Incident Response Plan (Part 4)
This is not a drill. In this final installment, read our recommendations for handling a real incident. Whether opportunistic or targeted, here's what you should be thinking about.
3 min
Incident Response
Prepare for Battle: Let’s Build an Incident Response Plan (Part 3)
Now, it’s time for the fun stuff. While an incident response plan review may feel like practicing moves on a wooden dummy, stress testing should feel more like Donnie Yen fighting ten people for bags of rice in Ip Man
3 min
Detection and Response
Prepare for Battle: Let’s Build an Incident Response Plan (Part 2)
In Part 1, we covered key considerations when drafting an incident response plan. Here, we'll cover the best way to get buy-in from key company stakeholders...
2 min
InsightIDR
2017 Gartner Magic Quadrant for SIEM: Rapid7 Named a Visionary
If you’re currently tackling an active SIEM project, it’s not easy to dig
through libraries of product briefs and outlandish marketing claims. You can
turn to trusted peers, but that’s challenging in a world where most leaders
aren’t satisfied with their SIEM [https://www.rapid7.com/fundamentals/siem/],
even after generous amounts of professional services and third-party management.
Luckily, Gartner is no stranger to putting vendors to the test, especially for
SIEM, where since 2005 they’ve rele
3 min
Detection and Response
Prepare for Battle: Let’s Build an Incident Response Plan (Part 1)
Creating and testing an IR plan mitigates risk—help your organization perform at its best by preparing it for the worst. Join us for Part 1: drafting the plan.
3 min
InsightIDR
InsightIDR Monitors Win, Linux & Mac Endpoints
Today’s SIEM tools [https://www.rapid7.com/products/insightidr/] aren’t just for
compliance and post-breach investigations. Advanced analytics, such as user
behavior analytics, are now core to SIEM to help teams find the needles in their
ever-growing data stacks. That means in order for project success, the right
data sources need to be connected: “If a log falls in a forest and no parser
hears it, the SIEM hath no sound.”
We’ve included endpoint visibility in InsightIDR since the beginning—it’