Rapid7 Blog

Compliance  

GDPR Preparation March and April: Course Correct

Wow, how did March just happen? Living in a country that just fell apart like a clown car because of snow, it’s still feeling decidedly wintery here in the UK, and as a weather obsessed Brit I am fully looking forward to sunnier times.…

Tonight I'm gonna IR like it's 99 (days until GDPR)…

Sorry Nena, it was going to be you or Prince that was going to get the headline, and whilst 99 Red Balloons is a catchy 80’s classic, I had to give credit to His Royal Purpleness. It was that or pay tribute to a…

HIPAA Security Compliance Fallacies (And How To Avoid Them)

Health Insurance Portability and Accountability Act (HIPAA) compliance hasn’t been what I thought it was going to be. When I first started out as an independent security consultant, I was giddy over the business opportunities that I just knew HIPAA compliance was going to…

An Open Letter to the Office of the Australian Information Commissioner

Dear OAIC, I love your website. I really, really, really, really, REALLY love your website. It is brilliant. Thank you. Warm regards, Samantha Humphries Rapid7 Senior Manager, Global Markets & Compliance Glad I’ve got that off my chest. I should probably elaborate on my…

February – Test & Take Note

Well, if there’s one good thing to say about February, especially for those of us deep in the bowels of winter, it’s that January is finally behind us. However, it does bring the impending GDPR compliance date ever closer. February 25th 2018 marks…

GDPR Preparation Checklist: January – Teach and Tidy

New year, new things to think about when it comes to your GDPR compliance preparations. Hopefully your GDPR project is in full swing by now. If it’s not, then you do really need to be getting your skates well and truly on. Do take…

Prepare for Battle: Let’s Build an Incident Response Plan (Part 4)

This is not a drill. In this final installment, read our recommendations for handling a real incident. Whether opportunistic or targeted, here's what you should be thinking about.…

Prepare for Battle: Let’s Build an Incident Response Plan (Part 3)

Now, it’s time for the fun stuff. While an incident response plan review may feel like practicing moves on a wooden dummy, stress testing should feel more like Donnie Yen fighting ten people for bags of rice in Ip Man…

Prepare for Battle: Let’s Build an Incident Response Plan (Part 2)

In Part 1, we covered key considerations when drafting an incident response plan. Here, we'll cover the best way to get buy-in from key company stakeholders...…

GDPR Compliance Checklist: December – Assess & Review

With under six months to go until the General Data Protection Regulation (GDPR) comes into force, organizations that handle the personal data of EU citizens are preparing for this new compliance regulation. In order to help you through this new regulation, we’re creating a…

Prepare for Battle: Let’s Build an Incident Response Plan (Part 1)

Creating and testing an IR plan mitigates risk—help your organization perform at its best by preparing it for the worst. Join us for Part 1: drafting the plan.…

GDPR Preparation: November – Form & Storm

With just over six months to go until the General Data Protection Regulation (GDPR) comes into force, organizations that handle the personal data of EU citizens are preparing for this new compliance regulation. If you’ve not gotten started yet, or your plans are still…

NIST Standards and Why They Matter

A primer on implementing NIST recommendations by guest author Matt Kelly…

Australian Privacy Amendment (Notifiable Data Breaches) Bill 2016

Mandatory notification of data breaches is becoming more commonplace across the globe. Many financial institutions are now required to comply with NY DFS, any organization processing the personal data of EU citizens should be in the midst of their GDPR preparations, and now Australia has…

Maximizing PCI Compliance with Nexpose and Coalfire

In 2007 Coalfire selected Rapid 7 Nexpose as the engine around which to build their PCI Approved Scan Vendor offering.  PCI was just a few years old and merchants were struggling to achieve and document full compliance with the highly proscriptive Data Security Standard.…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.

Learn More