3 min
Application Security
Application Security Takes Center Stage in this Year’s Verizon Data Breach Investigations Report
In recent years, web applications have become the biggest target for attacks, as they’re the easiest way for hackers to gain access to valuable information.
6 min
Verizon DBIR
Dancing With the Breaches: A Quick Step Through the 2020 Verizon Data Breach Investigations Report (DBIR)
In this blog, the Rapid7 Labs team has you covered with our annual Reader’s Guide for the 2020 Verizon Data Breach Investigations Report.
7 min
Verizon DBIR
2017 Verizon Data Breach Report (DBIR): Key Takeaways
The much-anticipated, tenth-anniversary edition of the Verizon DBIR has been
released (Updated here: https://www.verizon.com/business/resources/reports/dbir/
), once again providing a data-driven snapshot into what topped the cybercrime
charts in 2016. There are just under seventy-five information-rich pages to go
through, with topics ranging from distributed denial-of-service (DDoS)
[https://www.rapid7.com/fundamentals/denial-of-service-attacks/] to ransomware,
prompting us to spin a reprise ed
7 min
Verizon DBIR
The 2016 Verizon Data Breach Investigations Report (DBIR) Summary - The Defender's Perspective
Verizon has released the report
[https://www.verizon.com/business/resources/reports/dbir/] of their annual Data
Breach Investigations Report (DBIR). Their crack team of researchers have, once
again, produced one of the most respected, data-driven reports in cyber
security, sifting through submissions from 67 contributors and taking a deep
dive into 64,000 incidents—and nearly 2,300 breaches—to help provide insight on
what our adversaries are up to and how successful they've been.
The DBIR is a
1 min
Verizon DBIR
Getting Started with VERIS
We did a webcast with @hrbrmstr @gdbassett from the Verizon team last week,
discussing how to get started VERIS, the Vocabulary for Event Recording and
Incident Sharing.
If you joined us, thanks for coming out. We've attached an Excel spreadsheet
with a couple of examples to help you get started at VERIS level 2, a couple of
layouts to consider using... and we will be providing some updates. Special
thanks to Judy Nowak for her hard work on the spreadsheet -- be looking for a
blog post from her
2 min
Verizon DBIR
What is VERIS?
Data driven security is all the rage, and laughably few of us encode and analyze
our programs… and for good reason. It isn't easy. This post will talk about
VERIS, a framework for describing security incidents in a precise way.
We all have a plan, a security program, compliance regulations, and super busy
calendars—but what is working? The answer is hidden in plain sight, it just
needs to be analyzed. And this is why we all love the DBIR.
If you aren't familiar with Verizon's DBIR (Data Breach
2 min
Metasploit
Federal Friday - 4.25.14 - A Whole Lot of Oops
Happy Friday, Federal friends! I hope all of you enjoyed some nice family time
over the respective holidays last week. After a successful Marathon Monday here
in Boston we're blessed with chirping birds and blooming flowers (finally)!
As you all probably know by now, Verizon released their latest DBIR
[http://www.verizonenterprise.com/DBIR/2014/reports/rp_dbir-2014-executive-summary_en_xg.pdf]
report earlier this week. While this report covered a wide range of topics in
regards to breaches, I
1 min
Verizon DBIR
Nightmare on Pwn Street
We've gone a little Halloween-crazy this year over here at Rapid7 Towers. Check
out this week's Whiteboard Wednesday video to hear how organizations are like
the protagonists of horror movies; making decisions that may ultimately make
them vulnerable to attack. In addition, while we were carving our pumpkins and
sewing our costumes, we got to thinking about one of the most horrifying
realities in information security: many organizations keep falling victim to the
same tricks they've seen in the