2 min
InsightIDR
Faster Investigations, Closer Teamwork: InsightIDR Enhancements
Incident investigations aren’t easy. Imagine investigation as a 100-piece jigsaw puzzle, except there are a million unarranged pieces to build from. Top analysts need to know what “bad” looks like and how to find it, and they must bring a sharp Excel game to stitch everything together...
3 min
InsightIDR
InsightIDR Now Supports Multi-Factor Auth and Data Archiving
InsightIDR is now part of the Rapid7 platform. Learn more about our platform vision and how it enables you to have the SIEM solution you've always wanted.
1 min
InsightIDR
Want to Try InsightIDR in Your Environment? Free Trial Now Available
InsightIDR, our SIEM powered by user behavior analytics, is now available to try in your environment. This post shares how it can help your security team.
4 min
InsightIDR
PCI DSS Dashboards in InsightIDR: New Pre-Built Cards
No matter how much you mature your security program
[https://www.rapid7.com/fundamentals/security-program-basics/] and reduce the
risk of a breach, your life includes the need to report across the company, and
periodically, to auditors. We want to make that part as easy as possible.
We built InsightIDR [https://www.rapid7.com/products/insightidr/] as a SaaS SIEM
[https://www.rapid7.com/fundamentals/siem/] on top of our proven User Behavior
Analytics (UBA) [https://www.rapid7.com/solutions/user-
3 min
How Do You Identify Zero-Days and Fileless Malware? Download (the) RAM.
[Banner Source: The ever-handy http://www.downloadmoreram.com.]
When a tactic becomes less and less effective, it's important to shift
strategies and adapt. With malware
[https://www.rapid7.com/fundamentals/malware-attacks/], attackers are doing
exactly that. As preventative measures such as antivirus and endpoint detection
and response continue to improve, it's harder for commodity and even obfuscated
malware to successfully install and persist on target machines unnoticed.
The most effective
4 min
User Behavior Analytics
SIEM Tools Aren't Dead, They're Just Shedding Some Extra Pounds
Security Information and Event Management (SIEM)
[https://www.rapid7.com/fundamentals/siem/] is security's Schrödinger's cat.
While half of today's organizations have purchased SIEM tools, it's unknown if
the tech is useful to the security team… or if its heart is even beating or
deployed. In response to this pain, people, mostly marketers, love to shout that
SIEM is dead, and analysts are proposing new frameworks with SIEM 2.0/3.0,
Security Analytics, User & Entity Behavior Analytics
[https://w
4 min
Deception Technology
Deception Technology: Can It Detect Intruders Earlier in their Attack Chain?
Every infosec conference is chatting about the Attack Chain, a visual mapping of
the steps an intruder must take to breach a network. If you can detect traces of
an attack earlier, you not only have more time to respond, but can stop the
unauthorized access to monetizable data and its exfiltration.
Even as attackers and pen-testers continue to evolve their techniques, the
Attack Chain continues to provide a great baseline framework to map out your
security detection program.
Many of today's
4 min
InsightIDR
Seven Ways InsightIDR Helps Maintain PCI Compliance
If your company processes credit card transactions, you must be compliant with
the Payment Card Industry Data Security Standard, or PCI DSS
[https://listings.pcisecuritystandards.org/documents/PCI_DSS-QRG-v3_2_1.pdf].
Any entity that stores, processes, or transmits cardholder data must abide by
these requirements, which provide best practices for securing your cardholder
data environment (CDE) [https://www.rapid7.com/solutions/compliance/pci-dss/].
Rapid7 InsightVM, InsightAppSec, and Metasploi
3 min
InsightIDR
Detect Corporate Identity Theft with a New Intruder Trap: Honey Credentials
If you're only looking through your log files, reliably detecting early signs of
attacker reconnaissance can be a nightmare. Why is this important? If you can
detect and react to an intruder early in the attack chain, it's possible to kick
the intruder out before he or she accesses your critical assets. This is not
only good for you (no monetary data is stolen), but it's also critical because
this is the only time in the chain that the intruder is at a disadvantage.
Once an attacker has an i
2 min
Phishing
Detect Unknown Spear Phishing Attacks
Phishing [https://www.rapid7.com/fundamentals/phishing-attacks/] continues to be
one of the top attack vectors behind breaches, according to the latest Verizon
Data Breach Investigations Report. Sending ten phishing emails to an
organization yields a 90% chance that company credentials are compromised.
Phishing is often the first step in the attack chain, opening an organization to
stealthy credential-based attacks that allow intruders to exfiltrate
confidential data. InsightIDR now detects targ
1 min
InsightIDR
Insight Platform Now Compliant with European Data Hosting Requirement
Cloud technology is everywhere. From our annual survey, we found that 79% of
organizations are allowing approved cloud services, with Office 365, Google
Apps, and Salesforce coming in as the top 3. InsightIDR, our incident detection
and response solution, and InsightUBA, our user behavior analytics solution, are
both cloud-based by design and hosted in the US-based Amazon S3 cloud. Driven by
market demand, we now offer a European hosting option to
2 min
InsightIDR
4 Tips to Help Model Your Security Program to the Attack Chain
When building out next year's security initiatives, how do you prioritize and
choose projects? At Rapid7, we recommend modeling your security program to the
Attack Chain, a graphical representation of the steps required to breach a
company.
For every successful breach, whether it be from a credential-based attack,
malware, or the exploitation of a vulnerability, attackers need to perform one
or more steps in the chain. If you can detect, investigate, and
remediate the attack earl
2 min
InsightIDR
Calling Your Bluff: Behavior Analytics in Poker and Incident Detection
As a former – or dormant – professional poker player, I'm seeing a lot of
parallels between poker and incident detection, especially when it comes to
behavior analytics. Detecting a bluff in poker is really not all that different
from detecting an intruder on the network.
New solutions, like Rapid7's InsightIDR
[https://www.rapid7.com/products/insightidr/], incorporate machine learning and
user behavior analytics [https://www.rapid7.com/products/insightidr/] to detect
stealthy attacks. This is
2 min
InsightIDR
What's the Difference Between InsightIDR & InsightUBA?
We're now a few weeks into our InsightIDR launch, and the response has been
tremendous – thank you! The Insight Platform is purpose-built to help you detect
and investigate attacks earlier across your entire network ecosystem. InsightIDR
builds upon the tested User Behavior Analytics and full functionality in
InsightUBA (formerly UserInsight), and adds powerful log search, investigation,
and compliance dashboards for an end-to-end Incident Detection and Response
offering.
Everything in InsightU
3 min
InsightIDR
Launching InsightIDR: From compromise to containment, FAST.
We just launched InsightIDR, the only fully integrated detection and
investigation solution that lets you identify a compromise as it occurs and
complete an investigation before things get out of control. InsightIDR does
three things well: detect attacks with high fidelity, accelerate investigations,
and end the drudgery of security data management. I'd like to take a minute to
share how we got here and why we're so excited to show you InsightIDR.
Cutting through the Noise to Detect Attacks