Gotten a chance to read Rapid7’s Quarterly Threat Report for 2018 Q1? If not (or if you’re more of an auditory learner), we’ve put together a 6-minute recap video of the major findings. In our Quarterly Threat Reports, our security researchers provide a wide-angle view of the threat landscape by leveraging intelligence from the Rapid7 Insight platform, Managed Services, Incident Response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community.

In this Whiteboard Wednesday discussion, Kwan Lin, Senior Data Scientist, takes us through the major trends and patterns of the threat landscape in 2018 Q1. Our researchers saw three main areas of concern for the modern IT defender: user identity, DDoS, and SMB & SMI, all of which are covered in the video below.


The key takeaways from the report? The research team suggests:

  1. Staying extra vigilant if you work in the healthcare industry—a growing target for malicious actors
  2. Double-checking for exposed systems, given the ubiquity of threat movement and remote entry attempts
  3. Re-training your team around the dangers of phishing to prevent credential leaks
  4. Continuing to watch for mundane dangers
  5. Bolstering DDoS defenses and performing business continuity tests to prepare for DDoS attack scenarios
  6. Checking firewall rules for possible SMI exposure on the public Internet, for organizations that utilize Cisco devices equipped with SMI

Want to dive deeper into the findings of the 2018 Q1 Threat Report?

Read the Full Report

As always, if there's a topic you'd like to see us cover on Whiteboard Wednesday, Tweet us @Rapid7, or use the hashtag #WBW. Thanks!