Posts tagged Verizon DBIR

3 min Application Security

Application Security Takes Center Stage in this Year’s Verizon Data Breach Investigations Report

In recent years, web applications have become the biggest target for attacks, as they’re the easiest way for hackers to gain access to valuable information.

6 min Verizon DBIR

Dancing With the Breaches: A Quick Step Through the 2020 Verizon Data Breach Investigations Report (DBIR)

In this blog, the Rapid7 Labs team has you covered with our annual Reader’s Guide for the 2020 Verizon Data Breach Investigations Report.

7 min Verizon DBIR

2017 Verizon Data Breach Report (DBIR): Key Takeaways

The much-anticipated, tenth-anniversary edition of the Verizon DBIR has been released (Updated here: https://www.verizon.com/business/resources/reports/dbir/ ), once again providing a data-driven snapshot into what topped the cybercrime charts in 2016. There are just under seventy-five information-rich pages to go through, with topics ranging from distributed denial-of-service (DDoS) [https://www.rapid7.com/fundamentals/denial-of-service-attacks/] to ransomware, prompting us to spin a reprise ed

7 min Verizon DBIR

The 2016 Verizon Data Breach Investigations Report (DBIR) Summary - The Defender's Perspective

Verizon has released the report [https://www.verizon.com/business/resources/reports/dbir/] of their annual Data Breach Investigations Report (DBIR). Their crack team of researchers have, once again, produced one of the most respected, data-driven reports in cyber security, sifting through submissions from 67 contributors and taking a deep dive into 64,000 incidents—and nearly 2,300 breaches—to help provide insight on what our adversaries are up to and how successful they've been. The DBIR is a

1 min Verizon DBIR

Getting Started with VERIS

We did a webcast with @hrbrmstr @gdbassett from the Verizon team last week, discussing how to get started VERIS, the Vocabulary for Event Recording and Incident Sharing. If you joined us, thanks for coming out. We've attached an Excel spreadsheet with a couple of examples to help you get started at VERIS level 2, a couple of layouts to consider using... and we will be providing some updates. Special thanks to Judy Nowak for her hard work on the spreadsheet -- be looking for a blog post from her

2 min Verizon DBIR

What is VERIS?

Data driven security is all the rage, and laughably few of us encode and analyze our programs… and for good reason. It isn't easy. This post will talk about VERIS, a framework for describing security incidents in a precise way. We all have a plan, a security program, compliance regulations, and super busy calendars—but what is working? The answer is hidden in plain sight, it just needs to be analyzed. And this is why we all love the DBIR. If you aren't familiar with Verizon's DBIR (Data Breach

2 min Metasploit

Federal Friday - 4.25.14 - A Whole Lot of Oops

Happy Friday, Federal friends! I hope all of you enjoyed some nice family time over the respective holidays last week. After a successful Marathon Monday here in Boston we're blessed with chirping birds and blooming flowers (finally)! As you all probably know by now, Verizon released their latest DBIR [http://www.verizonenterprise.com/DBIR/2014/reports/rp_dbir-2014-executive-summary_en_xg.pdf] report earlier this week. While this report covered a wide range of topics in regards to breaches, I

1 min Verizon DBIR

Nightmare on Pwn Street

We've gone a little Halloween-crazy this year over here at Rapid7 Towers. Check out this week's Whiteboard Wednesday video to hear how organizations are like the protagonists of horror movies; making decisions that may ultimately make them vulnerable to attack. In addition, while we were carving our pumpkins and sewing our costumes, we got to thinking about one of the most horrifying realities in information security: many organizations keep falling victim to the same tricks they've seen in the