Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Wade Woolwine  

Wade Woolwine, Principal Security Researcher, focuses on threat intelligence and security program maturity and effectiveness.

Rapid7 Releases Q2 2020 Quarterly Threat Report

It’s hard to believe it’s already the end of September, and with it comes Rapid7’s Q2 2020 Quarterly Threat Report.…

4 Common Goals For Vulnerability Risk Management Programs

This post will give you a glimpse into the research to pinpoint under-served and unmet customer needs in the vulnerability risk management space.…

Top 3 Outcomes Organizations Try to Achieve in Their Incident Detection and Response Programs

In this blog, we break down the top three outcomes organizations try to achieve in their Detection and Response programs.…

Why Our Future in InfoSec Depends on Automation

In this blog, we discuss why our future in Information Security depends on automation.…

How to Define Business Value for Security Programs

Today, we're evaluating the categorization of Detection and Response program outcomes and Attack Surface Management outcomes uncovered by Rapid7's UX team.…

3 Questions to Ask Yourself When Justifying Your Infosec Program

In this blog post, we propose a framework by which most organizations can understand, evaluate, roadmap, and execute on their security programs.…

10 Threat Detection and Response Resolutions for 2020

From knowing what you have, who may want it, and how they can get it: these 10 IDR resolutions for 2020 are sure to keep you busy.…

Rapid7 Quarterly Threat Report: 2019 Q3

In this blog, we dive into the Rapid7 Quarterly Threat Report for Q3 of 2019 and the MITRE ATT&CK™ framework.…

How to Develop a Common Language for Security Buy-In Across Your Business

In this blog, we break-down what keeps organizations from advancing their security programs, and how businesses can establish security priorities.…

How to Set Up Your Security Operations Center (SOC) for Success

Whether you’re looking to add coverage or are experiencing challenges with your existing security operations center (SOC), it's important to consider these factors before making a decision.…

Managed Threat Detection and Response: The Questions You Need to Ask Vendors

In this post, Wade Woolwine, managed services director of technology at Rapid7, details our approach to managed detection and response: visibility, analytics, and arming our analysts with smart, customizable automation. Defending the modern enterprise is hard work. Between the need for round-the-clock coverage, technology to…

Changing Threat Landscape Evolves IDR

This is part 2 of a 2-part blog series on how Incident Response is changing. Here's part one. The changing threat landscape forced an evolution in incident detection & response (IDR) that encompasses changes in tools, process, and people. While in 2005 we could get…

Incident Response: The Times They Are A Changin'

While everyone in the security world is seemingly at RSA Conference, my mind has been searching through the past. It actually started a few weeks ago, when Gartner's Anton Chuvakin asked for examples of how today's Incident Detection & Response (IDR) is different from 2005.…

How to mitigate the threat of an extortion attempt against your organization

We've had a few conversations with our customers recently who have alerted us to extortion attempts against their organizations. Thankfully, none were successful. This post is to detail the events that have transpired so that you can alert your organizations and increase your odds of…

Preparing for Incident Response

Today, we launched a short Whiteboard Wednesday video aimed at providing a brief overview of how to effectively prepare for an incident. In this post, I'd like to expand on that a little bit by providing some additional concrete steps on how most organizations should…

Never miss a blog

Get the latest stories, expertise, and news about security today.