Rapid7 Blog

Automation and Orchestration  

How to Password Protect Apache Directories with mod_authn_dbd and MySQL on Ubuntu Linux

Synopsis mod_authn_dbd is an Apache module that lets Apache authenticate users against a MySQL database. This module provides authentication front-ends such as mod_auth_digest and mod_auth_basic to authenticate users by looking up users in MySQL tables.…

How To Secure Apache with Let's Encrypt on Ubuntu Linux

Synopsis Improving your website security has generally been the most complicated and expensive task for every Linux administrator. Let’s Encrypt is a free, automated, and open certificate authority that provides free X.509 certificates for Transport Layer Security encryption via an automated process. It is…

How to Secure SSH Server using Port Knocking on Ubuntu Linux

Synopsis Port Knocking is a method used to secure your port access from unauthorised users. Port Knocking works by opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received,…

How to Secure MySQL Server on Ubuntu Linux

Synopsis Nowadays, a database server is a critical and necessary component of any application. Databases can be found in everything from web applications and web servers to smartphones and other devices. Most software applications rely on a database to store their data. This is…

How to Send Bro Event Data to Komand

Our integrations team recently attended BroCon at the National Center for Supercomputing Applications in Urbana, IL. BroCon is an annual network security monitoring conference for users and developers of the Bro network security monitoring platform. They got excited about the interesting research going on, and…

How Security Teams Can Learn to Advocate for Resources

It’s no secret that security teams today are severely resource-constrained and busier than ever. As your days get longer, the work becomes more complex, and you begin to burn out, you need to be able to advocate for more resources — whether that be for…

An Interview with Rebekah Brown, Co-Author of Intelligence-Driven Incident Response

We recently interviewed Rebekah Brown for our Defender Spotlight series on the topic of her life as a cybersecurity defender. When we spoke with her, she also talked in-depth about how threat intelligence can inform and improve the incident response lifecycle. Rebekah practices these concepts…

RSA (Rivest, Shamir and Adleman)

Synopsis Rivest, Shamir & Adleman (RSA) is a public key cryptosystem used to secure data transmission. The letters “RSA” are the initials of the inventors of the system. Four steps are incorporated in this algorithm: Encryption, Decryption, Key Distribution and Key…

DES (Data Encryption Standard)

Synopsis The Data Encryption Standard (DES) is a method of encrypting data with a symmetric key. It was prepared by an IBM team in 1974 and declared a national standard in 1977. Government was also using cryptography, especially in diplomatic communication and the military. Without cryptography it’…

How to Use Your Threat Model as a Guidepost for Security

The threats you face are unique to your company's size, industry, customer base, and many other factors. So your approach to protecting your organization's digital data should be unique, too. In this post, we’ll cover a framework to develop an effective threat model that…

Defender Spotlight: Rebekah Brown, Threat Intelligence Lead at Rapid7

Welcome to Defender Spotlight! In this blog series, we interview cybersecurity defenders of all varieties about their experience working in security operations. Editor's Note: When we originally approached Rebekah for the Defender Spotlight series, Komand and Rapid7 had not yet discussed acquisition. Some time after…

Exploring SHA-1 (Secure Hash Algorithm)

Synopsis In computer cryptography, a popular message compression standard known as Secure Hash Algorithm (SHA) is utilized. Its enhanced version is called SHA-1. It has the ability to compress a fairly lengthy message and create a short message abstract in response. The algorithm can be…

Triple DES, 3-DES Network Encryptor

Synopsis Triple Data Encryption Algorithm (3DES) is an advancement of the popular DES standard. 3DES utilizes a symmetric key block cipher. Using three unrelated 64-bit keys, 3DES was created to encrypt 64-bit blocks of data. In a DES block, each key is utilized as an…

The Future of Komand is Bright

When Komand was founded, we had a simple vision: make cybersecurity better for everyone, together as a community. It’s a grand statement, but in order to achieve big, you have to dream big. And so we dreamt big with Komand. To help security teams…

Balancing Human and Machine Input in Information Security

Humans have feared the takeover of machines since the early days of the personal computer. But if anything, machines (namely, security tools) have made us more powerful, more effective, and more connected. While they eliminate many manual, human tasks, this can actually be a good…