Posts tagged Cloud Security

4 min Penetration Testing

PenTales: There Are Many Ways to Infiltrate the Cloud

At Rapid7 we love a good pen test story. So often they show the cleverness, skill, resilience, and dedication to our customer’s security that can only come from actively trying to break it! In this series, we’re going to share some of our favorite tales from the pen test desk and hopefully highlight some ways you can improve your own organization’s security. Rapid7 was engaged to do an AWS cloud ecosystem pentest for a large insurance group. The test included looking at internal and external as

4 min Cloud Security

Managing Risk Across Hybrid Environments with Executive Risk View

As attack surfaces continue to expand, security teams must evolve the scope and approach of their vulnerability management programs.

1 min Cloud Security

Standardizing SaaS Data to Drive Greater Cloud Security Efficacy

We are excited to announce availability of AWS AppFabric integration for InsightIDR. AWS AppFabric normalizes application data into the OCSF format.

3 min Cloud Security

Uncover and Remediate Toxic Combinations with Attack Path Analysis

Attack Path Analysis enables users to quickly identify potential avenues that bad actors could use to access and navigate your cloud environment.

3 min Cloud Security

Detect and Prioritize Identity-Related Cloud Risk with InsightCloudSec

We are pleased to introduce our next advancement of identity-related risk management and remediation in Rapid7's InsightCloudSec: Identity Analysis.

2 min Cloud Security

Casting a Light on Shadow IT in Cloud Environments

Shadow IT typically refers to the use of consumer apps or services without explicit IT approval. However, it can also occur at a cloud infrastructure level.

6 min Cloud Security

Cloud Security Strategies for Manufacturing

Most manufacturing organizations struggle with visibility issues in their hybrid cloud environments. This article offers strategies that can help.

4 min Cloud Security

New InsightCloudSec Compliance Pack: Implementing and Enforcing ISO 27001:2022

In this article, we discuss how the recently released ISO 27001:2022 compliance pack for InsightCloudSec can benefit your organization.

4 min Gartner

4 Takeaways from the 2023 Gartner® Market Guide for CNAPP

In an ongoing effort to help security organizations gain greater visibility into risk, we're pleased to offer this complimentary Gartner research, and share our 4 takeaways from the 2023 Gartner® Market Guide for CNAPP.

5 min Cloud Security

Center for Internet Security (CIS) unveils Azure Foundations Benchmark v2.0.0

CIS recently unveiled the latest version of their Azure Foundations Benchmark. This is the first major release since its launch more than 4 years ago.

2 min Cloud Security

Reduce Risk and Regain Control with Cloud Risk Complete

Detect and manage risk across cloud environments, endpoints, on-premises infrastructure, and web applications, with Rapid7's Cloud Risk Complete.

3 min Automated Remediation

3 Steps for Ramping Up to Fully Automated Remediation

Implementing automated remediation doesn't happen overnight—it takes time and a good roadmap. This article offers an incremental crawl, walk, run approach.

4 min Vulnerability Disclosure

Microsoft Defender for Cloud Management Port Exposure Confusion

Microsoft Defender for Cloud, until recently, didn't distinguish "0.0.0.0/0" as a synonym for "any" when checking for management port exposures for Azure instances.

5 min Healthcare Security

Cloud Security Strategies for Healthcare

The healthcare industry must innovate in the cloud to meet patient needs, but organizations need to do so without creating unnecessary or unmanaged risk.

4 min Cloud Security

What Tech Companies Should Look For in Cloud Security

Learn from Temporal Technologies's Brandon Sherman and Ancestry's Tony Black about how today's tech's security teams can tackle cloudsec challenges.