2 min
InsightIDR
How to detect new server ports in use on your network
In this blog, we discuss how to detect new server ports in use on your network.
3 min
GDPR
GDPR Preparation March and April: Course Correct
Wow, how did March just happen? Living in a country that just fell apart like a
clown car because of snow, it’s still feeling decidedly wintery here in the UK,
and as a weather-obsessed Brit I am fully looking forward to sunnier times. You
know, that single day sometime in August. By that time, we’ll have crossed the
border into the brave new world of the General Data Protection Regulation (GDPR)
[https://www.rapid7.com/solutions/compliance/gdpr/], and like many of you, I am
curious as to what t
3 min
InsightIDR
How To Detect Unauthorized DNS Servers On Your Network
DNS was never designed as a very secure protocol, and it is a popular target for attackers. Here is how you can detect unauthorized DNS servers on your network.
4 min
Detection and Response
Prepare for Battle: Let’s Build an Incident Response Plan (Part 4)
This is not a drill. In this final installment, read our recommendations for handling a real incident. Whether opportunistic or targeted, here's what you should be thinking about.
3 min
Detection and Response
Prepare for Battle: Let’s Build an Incident Response Plan (Part 2)
In Part 1, we covered key considerations when drafting an incident response plan. Here, we'll cover the best way to get buy-in from key company stakeholders...
2 min
InsightIDR
2017 Gartner Magic Quadrant for SIEM: Rapid7 Named a Visionary
If you’re currently tackling an active SIEM project, it’s not easy to dig
through libraries of product briefs and outlandish marketing claims. You can
turn to trusted peers, but that’s challenging in a world where most leaders
aren’t satisfied with their SIEM [https://www.rapid7.com/fundamentals/siem/],
even after generous amounts of professional services and third-party management.
Luckily, Gartner is no stranger to putting vendors to the test, especially for
SIEM, where since 2005 they’ve rele
3 min
Detection and Response
Prepare for Battle: Let’s Build an Incident Response Plan (Part 1)
Creating and testing an IR plan mitigates risk—help your organization perform at its best by preparing it for the worst. Join us for Part 1: drafting the plan.
2 min
Detection and Response
Firewall Reporting Excessive SYN Packets? Check Rate of Connections
In this blog, we break down what you should do if your firewall is reporting excessive SYN packets.
2 min
InsightIDR
Faster Investigations, Closer Teamwork: InsightIDR Enhancements
Incident investigations aren’t easy. Imagine investigation as a 100-piece jigsaw puzzle, except there are a million unarranged pieces to build from. Top analysts need to know what “bad” looks like and how to find it, and they must bring a sharp Excel game to stitch everything together...
4 min
Detection and Response
Changing the Corporate Network Attacker’s Risk-Reward Paradigm
Defending a corporate network is hard, while attacking one is all too easy. We break down the risk/reward ratio for corporate attackers and what we can do to change it.
5 min
SIEM
SIEM Market Evolution And The Future of SIEM Tools
There’s a lot to be learned by watching a market like SIEM adapt as technology evolves, both for the attackers and the analysis.
3 min
InsightIDR
InsightIDR Now Supports Multi-Factor Auth and Data Archiving
InsightIDR is now part of the Rapid7 platform. Learn more about our platform vision and how it enables you to have the SIEM solution you've always wanted.
2 min
InsightIDR
How to Detect BitTorrent Traffic on your Network
Learn how to detect BitTorrent traffic on your network to capture metadata such as INFO-HASH, IP addresses, and usernames.
1 min
InsightIDR
Want to Try InsightIDR in Your Environment? Free Trial Now Available
InsightIDR, our SIEM powered by user behavior analytics, is now available to try in your environment. This post shares how it can help your security team.
4 min
InsightIDR
PCI DSS Dashboards in InsightIDR: New Pre-Built Cards
No matter how much you mature your security program
[https://www.rapid7.com/fundamentals/security-program-basics/] and reduce the
risk of a breach, your life includes the need to report across the company, and
periodically, to auditors. We want to make that part as easy as possible.
We built InsightIDR [https://www.rapid7.com/products/insightidr/] as a SaaS SIEM
[https://www.rapid7.com/fundamentals/siem/] on top of our proven User Behavior
Analytics (UBA) [https://www.rapid7.com/solutions/user-