Rapid7 Blog

Rebekah Brown  

AUTHOR STATS:

14

Simplicity, Harmony, and Opportunity: Rapid7 Threat Report Q3 2017

John Archibald Wheeler, the theoretical physicist who first coined the term “wormhole” (and therefore brought us Deep Space 9) once listed Albert Einstein’s Three Rules of Work: Out of clutter find simplicity; from discord find harmony; in the middle of difficulty lies opportunity. These…

Survival of the fastest: evolving defenders with broad security automation

If you’ve read the news at all lately, you know that we're having some struggles with information security. Everything from elections to hospitals to Westeros is considered a target, and adversaries continue to learn and innovate—often faster than the defense can respond. It’…

Rapid7 Threat Report: Q2 2017

We cannot believe that we're already into August! Time really flies when the internet is constantly on fire. When it came time to analyze data for our Q2 Threat Report and pull out threat trends and landscape changes, there was plenty to work with. Q2…

Using Threat Intelligence to Mitigate Wanna Decryptor (WannaCry)

Basics of Cyber Threat Intelligence Cyber Threat Intelligence is analyzed information about the opportunities, capabilities, and intent of cyber adversaries. The goal of cyber threat intelligence is to help people make decisions about how to prevent, detect, and respond to threats against their networks. This…

The Shadow Brokers Leaked Exploits Explained

The Rapid7 team has been busy evaluating the threats posed by last Friday's Shadow Broker exploit and tool release and answering questions from colleagues, customers, and family members about the release. We know that many people have questions about exactly what was released, the threat…

3 Things We Learned From the Joint Analysis Report

2016 kept us on our toes right up to the very end - and its last curveball will have implications lasting well past the beginning of the new year. Speculation on Russian hacking is nothing new, but it picked up notably with the DNC hack…

12 Days of HaXmas: New Years Resolutions for the Threat Intelligence Analyst

Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 blog posts on hacking-related topics and roundups from the year. This year, we're highlighting some of the “gifts” we want to give back to the community. And while these gifts…

Cyber Threat Intelligence: How Do You Incorporate it in Your InfoSec Strategy?

In the age of user behavior analytics, next-gen attacks, polymorphic malware, and reticulating anomalies, is there a time and place for threat intelligence? Of course there is! But – and it seems there is always a ‘but' with threat intelligence – it needs to be carefully applied…

The State of Cyber Threat Intelligence

The SANS State of Cyber Threat Intelligence Survey has been released and highlights some important issues with cyber threat intelligence:Usability is still an issue - Almost everyone is using some sort of cyber threat intelligence. Hooray! The downside – there is still confusion as…

Threat Intelligence Foundations: Crawl, Walk, Analyze - Part 3

This is the third post in a three-part series on threat intelligence foundations, discussing the fundamentals of how threat intelligence can be used in security operations. Here's Part 1 and Part 2.Intelligence Analysis in Security OperationsIn the first two parts of this series we…

Threat Intelligence Foundations: Crawl, Walk, Analyze - Part 2

This is the second post in a three-part series on threat intelligence foundations, discussing the fundamentals of how threat intelligence can be used in security operations. Read Part One here. Tinker, Tailor, Soldier, Spy: Utilizing Multiple Types of IntelligenceJust as there are different operational levels…

Threat Intelligence Foundations: Crawl, Walk, Analyze - Part 1

This is the first post in a three-part series on threat intelligence foundations, discussing the fundamentals of how threat intelligence can be used in security operations. There is a consensus among many in threat intelligence that the way the community has approached threat intelligence in…

How to Build Threat Intelligence into your IDR Strategy: Webinar FAQ

Thanks to everyone who joined our webinar on How to Build Threat Intelligence into your Incident Detection and Response Program. We got so many great questions during the session that we decided to follow up with a post answering them and addressing the trends and…

12 Days of HaXmas: Charlie Brown Threat Intelligence

This post is the third in the series, "The 12 Days of HaXmas." “Get the biggest aluminum threat feed you can find, Charlie Brown, maybe painted pink.” It has been a few years now since the term “cyber threat intelligence” entered mainstream, and…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Podcast

Security Nation

Security Nation is a podcast dedicated to covering all things infosec – from what's making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty has been knee–deep in the security sector for nearly two decades. At Rapid7 he leads a solutions-focused team with the mission of helping security professionals do their jobs.

Listen Now