Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.

View Cookie Policy for full details

Rapid7 Blog

Bill Sharar  



How Adaptive Security fits into your Vulnerability Management Program

Building an Application Vulnerability Management Program, found in the SANS Institute Reading Room (https://www.sans.org/reading-room/whitepapers/application/building-application-v ulnerability-management-program-35297), identifies vulnerability program management as a cyclical process involving the following steps: Policy Discovery and Baseline Prioritization Shielding and Mitigation Eliminating the Root…

Use DHCP Discovery to Implement Critical Security Control 1

The number one critical security control from the Center for Internet Security recommends actively managing all hardware devices on the network:CSC 1: Inventory of Authorized and Unauthorized Devices Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized…

Measure, Analyze and Improve Your Server Controls Effectiveness with ControlsInsight 3.0

ControlsInsight 3.0 was released today adding coverage of security control effectiveness for Windows servers, which extends coverage of the attack surface to include servers, as well as, the desktop controls that have been supported since its initial release last year.According to the 2014…

Understanding Security Control Grades

One of the most valuable features of ControlsInsight is its ability to prioritize security control improvement guidance as a sequence of next steps. It does this by grading each security control configuration and ordering the guidance for each configuration by grade. ControlsInsight calculates the grade…