4 min
Penetration Testing
PenTales: There Are Many Ways to Infiltrate the Cloud
At Rapid7 we love a good pen test story. So often they show the cleverness,
skill, resilience, and dedication to our customer’s security that can only come
from actively trying to break it! In this series, we’re going to share some of
our favorite tales from the pen test desk and hopefully highlight some ways you
can improve your own organization’s security.
Rapid7 was engaged to do an AWS cloud ecosystem pentest for a large insurance
group. The test included looking at internal and external as
4 min
Cloud Security
Managing Risk Across Hybrid Environments with Executive Risk View
As attack surfaces continue to expand, security teams must evolve the scope and approach of their vulnerability management programs.
1 min
Cloud Security
Standardizing SaaS Data to Drive Greater Cloud Security Efficacy
We are excited to announce availability of AWS AppFabric integration for InsightIDR. AWS AppFabric normalizes application data into the OCSF format.
3 min
Cloud Security
Uncover and Remediate Toxic Combinations with Attack Path Analysis
Attack Path Analysis enables users to quickly identify potential avenues that bad actors could use to access and navigate your cloud environment.
3 min
Cloud Security
Detect and Prioritize Identity-Related Cloud Risk with InsightCloudSec
We are pleased to introduce our next advancement of identity-related risk management and remediation in Rapid7's InsightCloudSec: Identity Analysis.
2 min
Cloud Security
Casting a Light on Shadow IT in Cloud Environments
Shadow IT typically refers to the use of consumer apps or services without explicit IT approval. However, it can also occur at a cloud infrastructure level.
6 min
Cloud Security
Cloud Security Strategies for Manufacturing
Most manufacturing organizations struggle with visibility issues in their hybrid cloud environments. This article offers strategies that can help.
4 min
Cloud Security
New InsightCloudSec Compliance Pack: Implementing and Enforcing ISO 27001:2022
In this article, we discuss how the recently released ISO 27001:2022 compliance pack for InsightCloudSec can benefit your organization.
4 min
Gartner
4 Takeaways from the 2023 Gartner® Market Guide for CNAPP
In an ongoing effort to help security organizations gain greater visibility into risk, we're pleased to offer this complimentary Gartner research, and share our 4 takeaways from the 2023 Gartner® Market Guide for CNAPP.
5 min
Cloud Security
Center for Internet Security (CIS) unveils Azure Foundations Benchmark v2.0.0
CIS recently unveiled the latest version of their Azure Foundations Benchmark. This is the first major release since its launch more than 4 years ago.
2 min
Cloud Security
Reduce Risk and Regain Control with Cloud Risk Complete
Detect and manage risk across cloud environments, endpoints, on-premises infrastructure, and web applications, with Rapid7's Cloud Risk Complete.
3 min
Automated Remediation
3 Steps for Ramping Up to Fully Automated Remediation
Implementing automated remediation doesn't happen overnight—it takes time and a good roadmap. This article offers an incremental crawl, walk, run approach.
4 min
Vulnerability Disclosure
Microsoft Defender for Cloud Management Port Exposure Confusion
Microsoft Defender for Cloud, until recently, didn't distinguish "0.0.0.0/0" as a synonym for "any" when checking for management port exposures for Azure instances.
5 min
Healthcare Security
Cloud Security Strategies for Healthcare
The healthcare industry must innovate in the cloud to meet patient needs, but organizations need to do so without creating unnecessary or unmanaged risk.
4 min
Cloud Security
What Tech Companies Should Look For in Cloud Security
Learn from Temporal Technologies's Brandon Sherman and Ancestry's Tony Black about how today's tech's security teams can tackle cloudsec challenges.