Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Detection and Response  

How to Define Business Value for Security Programs

Today, we're evaluating the categorization of Detection and Response program outcomes and Attack Surface Management outcomes uncovered by Rapid7's UX team.…

Intro to the SOC Visibility Triad

In this blog, we break-down the three pillars of the Security Operations Center (SOC) Visibility Triad.…

How to Analyze Your Log Data Using the Log Search API in InsightIDR

In this blog, we discuss how to analyze your log data using InsightIDR's Log Search API.…

InsightIDR: 2019 Year in Review

As we turn the corner into the new year, our team has been looking back at 2019 and reflecting on some of our most exciting updates from InsightIDR.…

10 Threat Detection and Response Resolutions for 2020

From knowing what you have, who may want it, and how they can get it: these 10 IDR resolutions for 2020 are sure to keep you busy.…

Be Audit You Can Be, Part 2: How to Parse Out Fields in Your Logs

In this blog, we take a look at how InsightIDR’s Custom Data Parsing tool can make quick work of parsing out those interesting fields in the logs.…

Unlocking the Power of the InsightIDR Threat API, Part 2

In this post, we’ll demonstrate how to scrape a few sites for possible bad actors using InsightIDR.…

Be Audit You Can Be, Part 1: How to Securely Send and Monitor Your Audit Logs with InsightIDR

In this blog, we discuss how to collect the audit trail from a device or application using InsightVM and InsightIDR.…

Accelerating Incident Response with Threat Intelligence and Alert Enrichment

Rapid7 continues to invest in making automation more accessible for security professionals across the entire Insight Cloud product suite and our standalone SOAR solution, InsightConnect.…

Import External Threat Intelligence with the InsightIDR Threats API

In this blog, we explain how to automate updating threat feeds in InsightIDR using the REST API.…

The Fundamentals of Building a Threat Detection and Response Program

In this post, we’ll summarize some of the key takeaways for businesses looking to further their threat detection and response programs, as well as provide helpful resources that will help you along the way.…

How Attackers Can Harvest Users’ Microsoft 365 Credentials with New Phishing Campaign

In this blog post, Rapid7's MDR services team outlines a unique phishing campaign that utilizes a novel method of scraping organizations’ branded Microsoft 365 tenant login pages to produce highly convincing credential harvesting pages.…

Automating the Cloud: AWS Security Done Efficiently

Today, we are going to be installing software on all your existing EC2 instances across several (or all!) accounts under an organization in AWS.…

Cloud Security Primer: The Basics You Need to Know

What do you need to do to secure your cloud-based systems while enjoying the competitive benefits of the cloud? Read this blog to find out.…

The Importance of Preventing and Detecting Malicious PowerShell Attacks

In this blog, we will discuss why organizations should care about malicious PowerShell activity, how attackers use PowerShell to steal credentials, and how to prevent and detect malicious PowerShell activity.…