Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Incident Detection  

How to Start a Career in Cybersecurity: From Stay-at-Home Mom to Security Pro-in-Training

My name is Carlota Bindner, and here is my story on how I went from being a stay-at-home mom and community volunteer to participating in Rapid7's Security Consultant Development Program.…

Q4 Threat Report: Analyzing the Top 3 Advanced Threats and Detection Techniques

In this post, we’ll review three major findings based on data from Project Sonar, Project Heisenberg, and our Managed Detection and Response customer base, which leverages our security experts and InsightIDR to unify security data and identify compromises in real-time.…

Forrester Tech Tide for Detection and Response: Is 2019 the Year of Convergence?

Rapid7 was recently recognized for capabilities spanning security user behavior analytics, security analytics, deception technology, SOAR, and file integrity monitoring.…

Utilize File Integrity Monitoring to Address Critical Compliance Needs

To help organizations address their compliance auditing needs, we are excited to introduce file integrity monitoring (FIM) for InsightIDR.…

Rapid7 Quarterly Threat Report: Q4 and 2018 Wrap-Up

In our 2018 Q4 Threat Report, we look at our custom Attacker Behavior Analytics rules, examine some new threats we’ve seen this year, and provide some steps to help you secure your organization.…

SOC, SIEM, or MDR? How to Choose the Right Options for Your Infosec Program

Choosing between building an in-house SOC, utilizing a SIEM, or outsourcing to an MDR provider? Learn from three peers on how they made their decision.…

PHP Extension and Application Repository (PEAR) Compromise: What You Need to Know

According to the PHP Extension and Application Repository (PEAR), a security breach had been found on the `pear.php.net` web server.…

Windows Event Forwarding: The Best Thing You’ve Never Heard Of

This blog post will discuss how to get logs into your SIEM and create custom alerts to detect certain behaviors in those logs.…

Q3 Threat Report: Analyzing Three Key Detection Trends

In this post, we will review findings from our 2018 Q3 Threat Report, including common attack types, the Emotet malware, and protocol poisoning.…

Rolling with Your Logs, Part 3: Using Regex to Expand Your Search Options

In this final installment of our Log Search series, we’ll look at some simple regular expressions that will greatly expand your Log Search options.…

[Q&A] Why Every Threat Detection Strategy Needs User Behavior Analytics

VP of Product Sam Adams explains how UBA works and how it’s evolved over the years to become a core part of threat detection and response strategies.…

Rolling with Your Logs, Part 2: Advanced Mode Searches

In the Part 2 of this three-part series on InsightIDR Log Search, we will cover three concepts: parsed logs, groupby function, and log search operations.…

Rapid7 Quarterly Threat Report: 2018 Q3

The leaves are falling and it’s getting colder, which means it’s time for our newest Quarterly Threat Report.…

Rolling with Your Logs, Part 1: Your Guide to Log Search in InsightIDR

In the first installment of this series, we'll cover the three most important basics of log search, then run through a few common Simple Mode searches.…

A Day in the Life of a Rapid7 SOC Analyst

Today, we are diving into a day in the life of a Rapid7 security operations center (SOC) analyst, specifically around threat detection and response.…