Rapid7 Blog

Compliance  

Prepare for Battle: Let’s Build an Incident Response Plan (Part 3)

Now, it’s time for the fun stuff. While an incident response plan review may feel like practicing moves on a wooden dummy, stress testing should feel more like Donnie Yen fighting ten people for bags of rice in Ip Man…

Prepare for Battle: Let’s Build an Incident Response Plan (Part 2)

In Part 1, we covered key considerations when drafting an incident response plan. Here, we'll cover the best way to get buy-in from key company stakeholders…

GDPR Compliance Checklist: December – Assess & Review

With under six months to go until the General Data Protection Regulation (GDPR) comes into force, organizations that handle the personal data of EU citizens are preparing for this new compliance regulation. In order to help you through this new regulation, we’re creating a…

Prepare for Battle: Let’s Build an Incident Response Plan (Part 1)

Creating and testing an IR plan mitigates risk—help your organization perform at its best by preparing it for the worst. Join us for Part 1: drafting the plan.…

GDPR Preparation: November – Form & Storm

With just over six months to go until the General Data Protection Regulation (GDPR) comes into force, organizations that handle the personal data of EU citizens are preparing for this new compliance regulation. If you’ve not gotten started yet, or your plans are still…

NIST Standards and Why They Matter

A primer on implementing NIST recommendations by guest author Matt Kelly…

Australian Privacy Amendment (Notifiable Data Breaches) Bill 2016

Mandatory notification of data breaches is becoming more commonplace across the globe. Many financial institutions are now required to comply with NY DFS, any organization processing the personal data of EU citizens should be in the midst of their GDPR preparations, and now Australia has…

Maximizing PCI Compliance with Nexpose and Coalfire

In 2007 Coalfire selected Rapid7 Nexpose as the engine around which to build their PCI Approved Scan Vendor offering. PCI was just a few years old and merchants were struggling to achieve and document full compliance with the highly prescriptive Data Security Standard.…

New and Improved Policy Manager

This year we've made many enhancements to the configuration policy assessment capabilities in Nexpose, including adding 4 new reports and NIST 800-53 controls mapping. Last week we unveiled a new and improved user interface for the Policy Manager, providing you with more information on your…

[Q&A] User Behavior Analytics as Easy as ABC Webcast

Earlier this week, we had a great webcast all about User Behavior Analytics (UBA). If you'd like to learn why organizations are benefiting from UBA, including how it works, top use cases, and pitfalls to avoid, along with a demo of Rapid7 InsightIDR, check out…

Getting More Out of Nexpose Policy Reports

Auditing your systems for compliance with secure configuration policies like CIS, DISA STIGs, and USGCB is an important part of any effective security program, not to mention a requirement for many industry and regulatory compliances like PCI DSS and FISMA. With Nexpose, you can automate…

Seven Ways InsightIDR Helps Maintain PCI Compliance

“Compliance is king.” This is a familiar saying for any company that processes credit card transactions, where being compliant with the Payment Card Industry Data Security Standard, or PCI DSS, reigns supreme. Any entity that stores, processes, or transmits cardholder data must abide by the…

People and Process Are Keys to Compliance, Tech Simply Must Make Them Both More Efficient

Compliance is not always an exciting topic to write about, in fact it's almost NEVER an exciting topic to write about, but that doesn't diminish its importance. For those of you in security who must adhere to a varietal (first of many references to adult…

Redner's Markets Selects Nexpose & InsightUBA for Compliance and Incident Detection

With breaches making regular headlines, security teams are under more scrutiny than ever before. This is especially true in retail, where strong security practices are paramount to protecting customer and organizational data. PCI DSS compliance is a key component of any retail organization's security program.…

New Policy Reports in Nexpose

With Nexpose, you can assess your network for secure configurations at the same time as vulnerabilities, giving you a unified view of your risk and compliance posture. The latest version of Nexpose focuses on making it easier to understand how well you're doing and the…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.


Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.


Podcast

Security Nation

Security Nation is a podcast dedicated to covering all things infosec – from what's making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty has been knee-deep in the security sector for nearly two decades. At Rapid7 he leads a solutions-focused team with the mission of helping security professionals do their jobs.
