5 min
SIEM
SIEM Market Evolution And The Future of SIEM Tools
There’s a lot to be learned by watching a market like SIEM adapt as technology evolves, both for the attackers and the analysis.
3 min
InsightIDR
InsightIDR Now Supports Multi-Factor Auth and Data Archiving
InsightIDR is now part of the Rapid7 platform. Learn more about our platform vision and how it enables you to have the SIEM solution you've always wanted.
1 min
InsightIDR
Want to Try InsightIDR in Your Environment? Free Trial Now Available
InsightIDR, our SIEM powered by user behavior analytics, is now available to try in your environment. This post shares how it can help your security team.
4 min
InsightIDR
PCI DSS Dashboards in InsightIDR: New Pre-Built Cards
No matter how much you mature your security program
[https://www.rapid7.com/fundamentals/security-program-basics/] and reduce the
risk of a breach, your life includes the need to report across the company, and
periodically, to auditors. We want to make that part as easy as possible.
We built InsightIDR [https://www.rapid7.com/products/insightidr/] as a SaaS SIEM
[https://www.rapid7.com/fundamentals/siem/] on top of our proven User Behavior
Analytics (UBA) [https://www.rapid7.com/solutions/user-
4 min
User Behavior Analytics
SIEM Tools Aren't Dead, They're Just Shedding Some Extra Pounds
Security Information and Event Management (SIEM)
[https://www.rapid7.com/fundamentals/siem/] is security's Schrödinger's cat.
While half of today's organizations have purchased SIEM tools, it's unknown if
the tech is useful to the security team… or if its heart is even beating or
deployed. In response to this pain, people, mostly marketers, love to shout that
SIEM is dead, and analysts are proposing new frameworks with SIEM 2.0/3.0,
Security Analytics, User & Entity Behavior Analytics
[https://w
4 min
SIEM
Displace SIEM "Rules" Built for Machines with Custom Alerts Built For Humans
If you've ever been irritated with endpoint detection being a black box and SIEM
[https://www.rapid7.com/solutions/siem.jsp?CS=blog] detection putting the entire
onus on you, don't think you had unreasonable expectations; we have all wondered
why solutions were only built at such extremes. As software has evolved and our
base expectations with it, a lot more people have started to wonder why it
requires so many hours of training just to make solutions do what they are
designed to do. Defining a
3 min
Vulnerability Management
Warning: This Blog Post Contains Multiple Hoorays! #sorrynotsorry
Hooray for crystalware!
I hit a marketer's milestone on Thursday – my first official award ceremony,
courtesy of the folks at Computing Security Awards
[https://computingsecurityawards.co.uk/], which was held at The Cumberland Hotel
in London. Staying out late on a school night when there's a 16-month-old
teething toddler in the house definitely took its toll the following morning,
but the tiredness was definitely softened by the sweet knowledge that we'd left
the award ceremony brandishing so
5 min
Incident Response
What Makes SIEMs So Challenging?
I've been at the technical helm for dozens of demonstrations and evaluations of
our incident detection and investigation solution, InsightIDR
[https://www.rapid7.com/products/insightidr/], and I've been running into the
same conversation time and time again: SIEMs aren't working for incident
detection and response. At least, they aren't working without investing a lot
of time, effort, and resources to configure, tune, and maintain a SIEM
deployment. Most organizations don't have the recommende
5 min
SIEM
5 Ways Attackers Can Evade a SIEM
I've been in love with the idea of a SIEM
[https://www.rapid7.com/fundamentals/siem/] since I was a system administrator.
My first Real Job™ was helping run a Linux-based network for a public
university. We were open source nuts, and this network was our playground.
Things did not always work as intended. Servers crashed, performance was
occasionally iffy on the fileserver and the network, and we were often
responding to outages.
Of course, we had tools to alert us when outages were going on. I
2 min
SIEM
Get HP ArcSight Alerts on Compromised Credentials, Phishing Attacks and Suspicious Behavior
If you're using HP ArcSight ESM as your SIEM, you can now add user-based
incident detection and response to your bag of tricks. Rapid7 is releasing a new
integration between Rapid7 UserInsight
[http://www.rapid7.com/products/user-insight/] and HP ArcSight ESM
[http://www8.hp.com/us/en/software-solutions/arcsight-esm-enterprise-security-management/],
which enables you to detect, investigate and respond to security threats
targeting a company's users more quickly and effectively.
HP ArcSight is