Rapid7 Blog

Higher Education  

Top Reasons for Graduate Students to Attend UNITED

The countdown is on to Rapid7's annual UNITED Summit in Boston on September 13-14. Rapid7 has partnered with top universities all over the globe to provide students with industry-leading security solutions as part of their coursework, equipping them with hands-on knowledge as they head into…

The countdown is on to Rapid7's annual UNITED Summit in Boston on September 13-14. Rapid7 has partnered with top universities all over the globe to provide students with industry-leading security solutions as part of their coursework, equipping them with hands-on knowledge as they head into the workforce. This year, for the first time, Rapid7 is expanding its Higher Education Program and providing scholarships to allow select graduate students in cybersecurity Master's and PhD programs to attend UNITED. Read on for what students stand to gain from joining us at UNITED (or just skip down to the bottom and apply now!). Top Reasons for Students to Attend UNITED We can think of a lot more reasons to attend UNITED's inaugural year of student programming, but for the sake of time, we've narrowed this list down to the top three: UNITED is a great place to network with other students, cybersecurity practitioners, and thought leaders. We'll have pen testers, incident responders, and other practitioners eager to share their knowledge (not to mention Metasploit developers!). Whether you're looking for a job or just aiming to hone your skills, networking and learning opportunities abound at UNITED. Local to Boston? We're always looking for great talent. Rapid7 is fueled by research. Whether it's through our Heisenberg project, threat intelligence, Project Sonar, or one of the many other research and open source projects we support, we're constantly thinking about how we can inform and advance the community. At UNITED, you'll be able to attend workshops that explore the data and philosophies behind these projects. Brainstorm with our researchers or have a deep-dive discussion with our data scientists—there will be plenty of time to seek out people who are leading their fields in security research and beyond. Want to meet and learn from the Metasploit team? UNITED is your perfect chance: In addition to talking shop with the people who make the world's de facto framework for penetration testing, Metasploit is hosting an exclusive CTF (Capture the Flag) competition at UNITED. Learn how to hack with the best, and win prizes doing it. I want to attend! How do I get in on this? For more information and to confirm eligibility, contact us here with your name, school, the degree program in which you're enrolled, and what you're hoping to gain from attending. Want to learn more about our Higher Education Program? We are committed to solving the information security talent gap and training the next generation of cybersecurity professionals. Learn more here. Not a student but still want to attend UNITED? See the full agenda and register here!

All About the Very First Rapid7 Hacker Games

We just completed our first successful run of the first-ever Rapid7 Hacker Games competition, so I thought it'd be appropriate to do a little write-up on all the fun activities.  So, what exactly is the Rapid7 Hacker Games competition? Well, a hacking competition! Specifically, a…

We just completed our first successful run of the first-ever Rapid7 Hacker Games competition, so I thought it'd be appropriate to do a little write-up on all the fun activities.  So, what exactly is the Rapid7 Hacker Games competition? Well, a hacking competition! Specifically, a hacking competition for teams of university students set up via a virtual lab, so all participants could compete simultaneously from a remote location of their choosing.  Each university fielded a team of up to 5 students who worked together on a set of hacking challenges, and we had 17 participants in total. The teams competed against each other and against the clock to see who could get the farthest within the competition course and set time. The event ran December 5, 2015 from 1 PM - 5 PM Eastern time. The challenge course consisted of three main components: Hands-on System & Service Exploitation Hands-on Web App Exploitation Trivia Challenge Students applied real-world skills, tools, and methodologies to overcome a variety of obstacles for each section of the course. This included exploiting systems with Metasploit and Metasploit Pro, among other tools. The challenge was timed, with bonus points for the first team to reach each goal.  So while the core challenge required technical ability, truly succeeding also required teamwork, communication, and collaboration. The competition itself Four universities competed in our pilot program: New England Institute of Technology (NEIT) Northern Kentucky University (NKU) University of Maryland University College (UMUC) Western Dakota Tech (WDT) We had quite a few more express interest that weren't able to participate this round. If you were one of them, please don't worry, there will be more Hacker Games events to come   For this pilot program, we reached out to universities involved in the Rapid7 Higher Education Program, which provides academic licenses and education material for Nexpose Enterprise and Metasploit Pro. It was a hard-fought competition with many lead changes. At the end of the day, thanks to a strong fourth-quarter surge, one team emerged as the winner: University of Maryland University College (UMUC)! Congratulations to the UMUC team! And a sincere thanks to everyone who competed. As a prize for their participation, every student participant was awarded an exam voucher for the MSPCS Certification Exam.  And of course, for the winning team there was a special award: Passes to UNITED 2016. (All in all, about $10,000 worth of prizes were awarded!) What's next? This was the first ever Hacker Games competition, and we would love to see it become the first of many. Keep an eye on this blog for more information and announcements regarding future Hacker Games. You can also make sure that your university gets involved with the Rapid7 Higher Education Program. Thank you and stay tuned for more!

New Rapid7 Higher Education Program Supports Universities Around the World With Free Licenses, Trainings, and Certifications

40% of security positions will remain unfilled in 2014, according to a recent study by the Ponemon Institute. The inability to find skilled staff to grow security programs remains one of the key challenges for the industry. By contrast, criminal hacking teams seem to be…

40% of security positions will remain unfilled in 2014, according to a recent study by the Ponemon Institute. The inability to find skilled staff to grow security programs remains one of the key challenges for the industry. By contrast, criminal hacking teams seem to be fully staffed. We've all seen the outcome of this inequality in the high profile breaches of 2014.Universities are doing the best they can to educate the next generation of security professionals. One big challenge they face is that their teaching lab budgets are not funded to replicate an enterprise network with all of its security solutions.Rapid7 partners with universities to reduce the global shortage of skilled professionalsAbout half a year ago, a few folks here at Rapid7 reached out to some universities to see how we could help. We were encouraged and inspired by our conversations with faculty and got buy-in from the executives at Rapid7 to stand up a Higher Education Program. Now, we've got all the pieces in place to launch it.As part of the program, eligible universities will receive the following benefits:Free licenses of Nexpose Enterprise and Metasploit Pro for teaching labsFree training and certifications for facultyTeaching materials for faculty to leverageManuals on how to build a lab for vulnerability management and penetration testingVirtual machines for the labsProfessional certifications for Rapid7 Nexpose Enterprise and Rapid7 Metasploit Pro at great rates for studentsCommunity-driven technical supportProgram already piloted with dozens of universities around the worldWe've already piloted this program with a number of universities, as far as Germany, Singapore, Australia, and Bosnia and Herzegovina. We thought we'd share their feedback with you:“Students have been requesting more hands-on ‘real world' experiences for several semesters and the academic licenses helped provide them that experience which they felt was 'awesome'. One student has been hired by a security firm doing junior level penetration testing because of his exposure to Nexpose Enterprise and Metasploit Pro. It was the main difference that set him apart from other recent college graduates that also had similar experience in penetration testing.”Gaelan Adams, University of Central Florida, USA“Free Metasploit Pro and Nexpose Enterprise licenses enabled my students to have hands on experience with the best and most current penetration testing software and see its full potential. They were able to discover and exploit various vulnerabilities with such an ease that it was really an eye-opening experience. Now, they know that security is a serious issue and are familiar with tools that can help them.”Sasa Mrdovic, Associate Professor, University of Sarajevo, Bosnia and Herzegovina“My goal is to expose our students to the industry leading tools, like those published by Rapid7, so that they will be immediately marketable upon graduation.”Dr. Shannon McMurtrey, Senior Instructor, Missouri State University, USA“I believe that exposure to enterprise security tools is critical for the next generation of InfoSec Professionals. “Jim Furstenberg, Cyber Security Professor, Ferris State University, USAEligible universities can sign up nowIf you are a faculty that teaches a cyber-security course that touches on vulnerability management or penetration testing, you can apply to be included in the program. Licenses may only be used for teaching purposes, not for the protection of the university network or commercial work. If you are a student, please let your faculty member know about the Rapid7 Higher Education Program.

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Podcast

Security Nation

Security Nation is a podcast dedicated to covering all things infosec – from what's making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty has been knee–deep in the security sector for nearly two decades. At Rapid7 he leads a solutions-focused team with the mission of helping security professionals do their jobs.

Listen Now