Posts tagged Incident Response

10 min Detection and Response

Unlocking the Power of the InsightIDR Threat API, Part 2

In this post, we’ll demonstrate how to scrape a few sites for possible bad actors using InsightIDR.

7 min InsightIDR

Be Audit You Can Be, Part 1: How to Securely Send and Monitor Your Audit Logs with InsightIDR

In this blog, we discuss how to collect the audit trail from a device or application using InsightVM and InsightIDR.

13 min InsightIDR

Import External Threat Intelligence with the InsightIDR Threats API

In this blog, we explain how to automate updating threat feeds in InsightIDR using the REST API.

8 min AWS

Automating the Cloud: AWS Security Done Efficiently

Today, we are going to be installing software on all your existing EC2 instances across several (or all!) accounts under an organization in AWS.

4 min Cloud Infrastructure

Cloud Security Primer: The Basics You Need to Know

What do you need to do to secure your cloud-based systems while enjoying the competitive benefits of the cloud? Read this blog to find out.

4 min InsightIDR

The Importance of Preventing and Detecting Malicious PowerShell Attacks

In this blog, we will discuss why organizations should care about malicious PowerShell activity, how attackers use PowerShell to steal credentials, and how to prevent and detect malicious PowerShell activity.

5 min InsightIDR

How to Monitor Your AWS S3 Activity with InsightIDR

In this blog, we discuss AWS S3 buckets and how Rapid7's InsightIDR can help you monitor important activity.

3 min Cloud Infrastructure

Why the Modern SIEM Is in the Cloud

Let’s talk about why modern SIEM is in the cloud, what core benefits you can expect, and how it is predicted to evolve as we soar toward 2020.

4 min Cloud Infrastructure

Your Guide to Securing Multi-Cloud Environments in an IaaS World

In this post, we’ll cover the unique challenges with securing cloud environments, and some best practices specifically focused on securing multi-cloud infrastructure.

4 min InsightIDR

Securing Your Cloud Environments with InsightIDR, Part 2: Amazon Web Services (AWS)

In this blog, we will talk about threat detection for the world’s most popular cloud host, Amazon Web Services (AWS).

3 min InsightIDR

Announcing CyberArk and InsightIDR Integration: Connect CyberArk with InsightIDR to Visualize and Investigate Your Privileged Access

To help companies monitor user behavior, secure privileged access, and identify attacks on passwords, we are teaming up with CyberArk.

3 min InsightIDR

Utilize File Integrity Monitoring to Address Critical Compliance Needs

To help organizations address their compliance auditing needs, we are excited to introduce file integrity monitoring (FIM) for InsightIDR.

3 min Incident Detection

How to Alert on Rogue DHCP Servers

How to alert on rogue DHCP servers using network traffic as a data source. We look at how you can use Wireshark or LANGuardian to detect DHCP servers.

3 min Incident Detection

5 Tips For Monitoring Network Traffic on Your Network

Monitoring traffic on your network is important if you want to keep it secure. These five tips will help you get the most out of your (NTA) tool.

3 min InsightIDR

Detecting Inbound RDP Activity From External Clients

Today, we discuss how to detect inbound RDP activity from external clients.