3 min
Attack Surface Management
Mind the Gap: How Surface Command Tackles Asset Visibility in Attack Surface Management
By establishing visibility of the attack surface and implementing management processes to prioritize, validate, and mobilize responses, security teams can reduce exposures exploited by malicious threat actors.
5 min
Attack Surface Management
Understanding your Attack Surface: Different Approaches to Asset Discovery
In this post, we’ll delve intoprocess of discovering assets. We cannot secure what we cannot see so getting this piece right is foundational to the success of your ASM program. This blog will explore four different methods of asset discovery starting with the most basic, deployed software agents.
5 min
Attack Surface Management
The Main Components of an Attack Surface Management (ASM) Strategy
In part one of this blog series, we looked at some of the core challenges that are driving the demand for a new approach to Attack Surface Management. In this second blog I explore some of the key technology approaches to ASM and also some of the core asset types we need to understand.
3 min
Attack Surface Management
Proactive Visibility Is Foundational to Strong Cybersecurity
Exposures are more than CVEs, so organizations need to move beyond the traditional thinking of vulnerability management to a holistic view.
4 min
Forrester Wave
Rapid7 Recognized in Forrester’s 2024 Attack Surface Management (ASM) Wave Report
This week, Rapid7 was recognized as a Contender in Forrester’s 2024 Attack Surface Management (ASM) Wave report.
6 min
Attack Surface Management
Help, I can’t see! A Primer for Attack Surface Management Blog Series
In this series, we will explore the critical challenges and solutions associated with Attack Surface Management (ASM), a vital aspect of modern cybersecurity strategy.
3 min
Attack Surface Management
The Japanese Threat Landscape: A Report on Cyber Threats in the Third Largest Economy on Earth
In this new report, Rapid7 analyzes Japan’s threat landscape and some of the largest cyber concerns affecting Japanese organizations.
6 min
Attack Surface Management
Cyber Asset Attack Surface Management 101
CAASM is intended to be an authoritative source of asset information complete with ownership, network, and business context for IT and security teams.
6 min
Application Security
OWASP TOP 10 API Security Risks: 2023
The OWASP Top 10 API Security Risks is a list of the highest priority API based threats in 2023. In this blog, we detail each item on the list.
2 min
IoT
Addressing the Evolving Attack Surface Part 1: Modern Challenges
In this webcast, Cindy Stanton highlights where the industry started from traditional vulnerability management which focused on infrastructure but evolved significantly over the last couple of years.
3 min
Detection and Response
360-Degree XDR and Attack Surface Coverage With Rapid7
Leverage InsightIDR, Threat Command, and InsightConnect to unlock a complete view of your attack surface with unmatched signal to noise.
4 min
Application Security
API Security: Best Practices for a Changing Attack Surface
APIs have become a large part of the application attack surface, making API security a critical consideration.
7 min
Emergent Threat Response
Popular Attack Surfaces, August 2021: What You Need to Know
Here’s the specific attack surface area and a few of the exploit chains we’re keeping our eye on right now.
4 min
Attack Surface Management
Attack Surface Analysis Part 3:
Red and Purple Teaming
This is the third and final installment in our 2021 series around attack surface analysis. In this installment I’ll detail the final 2 analysis techniques—red and purple teaming.
6 min
Penetration Testing
Attack Surface Analysis Part 2: Penetration Testing
In this three-part series, we’ll explore key considerations and strategies for choosing an attack surface analysis strategy, and the ways it can be used to increase awareness of both technical and process-related risks.