Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Incident Detection  

The Rapid7 Belfast Security Operations Centre: Take a Video Tour

Get a behind the scenes look at the managed detection and response (MDR) team in the Rapid7 Belfast SOC. Watch now.…

A Behind the Scenes Look at Attacker Behavior Analytics with our MDR Team

Just a handful of years ago, drive-by exploit kits were how attackers attempted to attack companies and individuals. Today, it’s through the delivery of malicious documents and malware that can quickly contort and disguise where it’s coming from. Attack vectors are constantly evolving—…

Deception Technology in InsightIDR: Setting Up Honeypots

In order to overcome the adversary, we must first seek to understand. By understanding how attackers operate, and what today’s modern network looks like from an attacker’s perspective, it’s possible to deceive an attacker, or at least have warning around internal network…

Deception Technology in InsightIDR: Setting Up Honey Users

Having the ability to detect and respond to user authentication attempts is a key feature of InsightIDR, Rapid7’s threat detection and incident response solution. Users can take this ability one step further by deploying deception technology, like honey users, which come built into the…

Phishing Attacks Duping Your Users? Here’s a Better Anti-Phishing Strategy.

You’ve hired the best of the best and put up the right defenses, but one thing keeps slipping in the door: phishing emails. Part of doing business today, unfortunately, is dealing with phishing attacks. Few organizations are immune to phishing anymore; it’s on…

Managed Threat Detection and Response: The Questions You Need to Ask Vendors

In this post, Wade Woolwine, managed services director of technology at Rapid7, details our approach to managed detection and response: visibility, analytics, and arming our analysts with smart, customizable automation. Defending the modern enterprise is hard work. Between the need for round-the-clock coverage, technology to…

Whiteboard Wednesday: Your 6-Minute Recap of Q1 2018’s Threat Landscape

Gotten a chance to read Rapid7’s Quarterly Threat Report for 2018 Q1? If not (or if you’re more of an auditory learner), we’ve put together a 6-minute recap video of the major findings. In our Quarterly Threat Reports, our security researchers provide…

Rapid7 Quarterly Threat Report: 2018 Q1

Spring is here, and along with the flowers and the birds, the pollen and the never-ending allergies, we bring you 2018’s first Quarterly Threat Report! For the year’s inaugural report, we pulled an additional data set: significant events. While we like to look…

Unifying Security Data: How to Streamline Endpoint Detection and Response

Collecting data from the endpoint can be tedious and complex (to say the least). Between the data streaming from your Windows, Linux, and Mac endpoints, not to mention remote authentication and the processes running on these assets, there is a lot of information to gather…

What Makes SIEM Security Alerts Actionable? Automatic Context

Whether you call them alerts, alarms, offenses, or incidents, they’re all worthless without supporting context. A failed login attempt may be completely benign ... unless it happened from an anomalous asset or from a suspicious location. Escalation of a user’s privileges could be due…

Attacker Behavior Analytics: How InsightIDR Detects Unknown Threats

InsightIDR customers now have an ever-evolving library of attacker behavior detections automatically matched against their data. Read on to learn how Rapid7 SOC and threat intel teams investigate a constant rumbling of attacker behavior and transform it into actionable threat intelligence.…

Finding Evil: Why Managed Detection and Response Zeroes In On the Endpoint

This post was co-written with Wade Woolwine, Rapid7 Director of Managed Services. What three categories do attackers exploit to get on your corporate network? Vulnerabilities, misconfigurations, and credentials. Whether the attack starts by stealing cloud service credentials, or exploiting a vulnerability on a misconfigured, internet-facing…

MDR and GDPR: More than a lot of letters

With 2018 now well in our sights, the countdown to the General Data Protection Regulation (GDPR)) is most definitely on. Articles 33 and 34 of the GDPR require organizations to communicate personal data breaches when there is a high risk of impact to the people…

Rapid7 Excels at Advanced Analytics and User Monitoring in Gartner's 2017 SIEM Critical Capabilities Report

If you’re looking for a SIEM solution, chances are you’ve at least heard of the Gartner Magic Quadrant for Security Information and Event Management (SIEM). But what about its companion guide, the Critical Capabilities report? Still yes, probably. If you want to understand…

2017 Gartner Magic Quadrant for SIEM: Rapid7 Named a Visionary

If you’re currently tackling an active SIEM project, it’s not easy to dig through libraries of product briefs and outlandish marketing claims. You can turn to trusted peers, but that’s challenging in a world where most leaders aren’t satisfied with their…

Featured Research

National Exposure Index 2018

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.

Learn More