Rapid7 Blog

Rebekah Brown  

AUTHOR STATS:

16

Welcome to the Rapid7 2018 Threat Intel Book Club!

At the end of 2017 we had the opportunity to think back on the year and reflect on what was done right in threat intelligence in 2017 and what we could improve on. What stood out to me most over the past year was how…

Auld Lang Syne: Threat Intelligence Resolutions for 2018

It’s that time of the year again! It is the time where we look back over the past year to see what we accomplished, what we did well, what we can improve on for next year. In Cyber Threat Intelligence we had a lot…

Simplicity, Harmony, and Opportunity: Rapid7 Threat Report Q3 2017

John Archibald Wheeler, the theoretical physicist who first coined the term “wormhole” (and therefore brought us Deep Space 9) once listed Albert Einstein’s Three Rules of Work: Out of clutter find simplicity; from discord find harmony; in the middle of difficulty lies opportunity. These…

Survival of the fastest: evolving defenders with broad security automation

If you’ve read the news at all lately, you know that we're having some struggles with information security. Everything from elections to hospitals to Westeros is considered a target, and adversaries continue to learn and innovate—often faster than the defense can respond. It’…

Rapid7 Threat Report: Q2 2017

We cannot believe that we're already into August! Time really flies when the internet is constantly on fire. When it came time to analyze data for our Q2 Threat Report and pull out threat trends and landscape changes, there was plenty to work with. Q2…

Using Threat Intelligence to Mitigate Wanna Decryptor (WannaCry)

Basics of Cyber Threat Intelligence Cyber Threat Intelligence is analyzed information about the opportunities, capabilities, and intent of cyber adversaries. The goal of cyber threat intelligence is to help people make decisions about how to prevent, detect, and respond to threats against their networks. This…

The Shadow Brokers Leaked Exploits Explained

The Rapid7 team has been busy evaluating the threats posed by last Friday's Shadow Broker exploit and tool release and answering questions from colleagues, customers, and family members about the release. We know that many people have questions about exactly what was released, the threat…

3 Things We Learned From the Joint Analysis Report

2016 kept us on our toes right up to the very end - and its last curveball will have implications lasting well past the beginning of the new year. Speculation on Russian hacking is nothing new, but it picked up notably with the DNC hack…

12 Days of HaXmas: New Years Resolutions for the Threat Intelligence Analyst

Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 blog posts on hacking-related topics and roundups from the year. This year, we're highlighting some of the “gifts” we want to give back to the community. And while these gifts…

Cyber Threat Intelligence: How Do You Incorporate it in Your InfoSec Strategy?

In the age of user behavior analytics, next-gen attacks, polymorphic malware, and reticulating anomalies, is there a time and place for threat intelligence? Of course there is! But – and it seems there is always a ‘but' with threat intelligence – it needs to be carefully applied…

The State of Cyber Threat Intelligence

The SANS State of Cyber Threat Intelligence Survey has been released and highlights some important issues with cyber threat intelligence:Usability is still an issue - Almost everyone is using some sort of cyber threat intelligence. Hooray! The downside – there is still confusion as…

Threat Intelligence Foundations: Crawl, Walk, Analyze - Part 3

This is the third post in a three-part series on threat intelligence foundations, discussing the fundamentals of how threat intelligence can be used in security operations. Here's Part 1 and Part 2.Intelligence Analysis in Security OperationsIn the first two parts of this series we…

Threat Intelligence Foundations: Crawl, Walk, Analyze - Part 2

This is the second post in a three-part series on threat intelligence foundations, discussing the fundamentals of how threat intelligence can be used in security operations. Read Part One here. Tinker, Tailor, Soldier, Spy: Utilizing Multiple Types of IntelligenceJust as there are different operational levels…

Threat Intelligence Foundations: Crawl, Walk, Analyze - Part 1

This is the first post in a three-part series on threat intelligence foundations, discussing the fundamentals of how threat intelligence can be used in security operations. There is a consensus among many in threat intelligence that the way the community has approached threat intelligence in…

How to Build Threat Intelligence into your IDR Strategy: Webinar FAQ

Thanks to everyone who joined our webinar on How to Build Threat Intelligence into your Incident Detection and Response Program. We got so many great questions during the session that we decided to follow up with a post answering them and addressing the trends and…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.

Learn More