Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Joel Cardella  

AUTHOR STATS:

6

The CIS Critical Security Controls Series

What are the CIS Critical Security Controls? The Center for Internet Security (CIS) Top 20 Critical Security Controls (previously known as the SANS Top 20 Critical Security Controls), is an industry-leading way to answer your key security question: “How can I be prepared to stop…

The CIS Critical Security Controls Explained - Control 4: Controlled Use of Administrative Privilege

The ultimate goal of an information security program is to reduce risk. Often, hidden risks run amok in organizations that just aren't thinking about risk in the right way. Control 4 of the CIS Critical Security Controls can be contentious, can cause bad feelings, and…

The CIS Critical Security Controls Explained - Control 5: Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers

Stop No. 5 on our tour of the CIS Critical Security Controls (previously known as the SANS Top 20 Critical Security Controls) deals with Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers. This is great timing with the announcement of…

Disaster Preparedness: It's Not Thought Of Until It Is Needed Most

...and then it might be too late.An update from Delta CEO Ed Bastian: pic.twitter.com/udNN0kzbKs— Delta (@Delta) August 8, 2016Recently, Delta Airlines suffered a weeklong outage that, if you take it on it's face, ticks just about every box on a…

Sometimes the simplest security works the best

The FBI this week posted an alert that showed wire transfer scams bled $2.3 Billion from “business email compromise” from October 2013 through February 2016.  A couple of news outlets picked this up, including Brian Krebs. When I was the head of security at…

The End Of The Internet

On Sept 24th, ARIN announced it had finally run out of IPv4 addresses. The open pool of IPv4 addresses is now gone, and the only way to get them now is via a transfer from another party who owns them or IP ranges which are…