Rapid7 Blog

Incident Response  

Tonight I'm gonna IR like it's 99 (days until GDPR)…

Sorry Nena, it was going to be you or Prince that was going to get the headline, and whilst 99 Red Balloons is a catchy 80’s classic, I had to give credit to His Royal Purpleness. It was that or pay tribute to a…

Finding Evil: Why Managed Detection and Response Zeroes In On the Endpoint

This post was co-written with Wade Woolwine, Rapid7 Director of Managed Services. What three categories do attackers exploit to get on your corporate network? Vulnerabilities, misconfigurations, and credentials. Whether the attack starts by stealing cloud service credentials, or exploiting a vulnerability on a misconfigured, internet-facing…

An Open Letter to the Office of the Australian Information Commissioner

Dear OAIC, I love your website. I really, really, really, really, REALLY love your website. It is brilliant. Thank you. Warm regards, Samantha Humphries Rapid7 Senior Manager, Global Markets & Compliance Glad I’ve got that off my chest. I should probably elaborate on my…

Prepare for Battle: Let’s Build an Incident Response Plan (Part 4)

This is not a drill. In this final installment, read our recommendations for handling a real incident. Whether opportunistic or targeted, here's what you should be thinking about.…

MDR and GDPR: More than a lot of letters

With 2018 now well in our sights, the countdown to the General Data Protection Regulation (GDPR) is most definitely on. Articles 33 and 34 of the GDPR require organizations to communicate personal data breaches when there is a high risk of impact to the people…

Prepare for Battle: Let’s Build an Incident Response Plan (Part 3)

Now, it’s time for the fun stuff. While an incident response plan review may feel like practicing moves on a wooden dummy, stress testing should feel more like Donnie Yen fighting ten people for bags of rice in Ip Man…

Rapid7 Excels at Advanced Analytics and User Monitoring in Gartner's 2017 SIEM Critical Capabilities Report

If you’re looking for a SIEM solution, chances are you’ve at least heard of the Gartner Magic Quadrant for Security Information and Event Management (SIEM). But what about its companion guide, the Critical Capabilities report? Still yes, probably. If you want to understand…

Prepare for Battle: Let’s Build an Incident Response Plan (Part 2)

In Part 1, we covered key considerations when drafting an incident response plan. Here, we'll cover the best way to get buy-in from key company stakeholders…

Prepare for Battle: Let’s Build an Incident Response Plan (Part 1)

Creating and testing an IR plan mitigates risk—help your organization perform at its best by preparing it for the worst. Join us for Part 1: drafting the plan.…

Faster Investigations, Closer Teamwork: InsightIDR Enhancements

Incident investigations aren’t easy. Imagine investigation as a 100-piece jigsaw puzzle, except there are a million unarranged pieces to build from. Top analysts need to know what “bad” looks like and how to find it, and they must bring a sharp Excel game to stitch everything together…

Changing the Corporate Network Attacker’s Risk-Reward Paradigm

Defending a corporate network is hard, while attacking one is all too easy. We break down the risk/reward ratio for corporate attackers and what we can do to change it.…

The Legal Perspective of a Data Breach

The following is a guest post by Christopher Hart, an attorney at Foley Hoag and a member of Foley Hoag’s cybersecurity incident response team. This is not meant to constitute legal advice; instead, Chris offers helpful guidance for building an incident preparation and breach…

Running an Effective Incident Response Tabletop Exercise

Are you ready for an incident? Are you confident that your team knows the procedures, and that the procedures are actually useful? An incident response tabletop exercise is an excellent way to answer these questions. Below, I've outlined some steps to help ensure success for…

12 Days of HaXmas: Designing Information Security Applications Your Way

Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 days of blog posts on hacking-related topics and roundups from the year. This year, we're highlighting some of the “gifts” we want to give back to the community. And while…

User Behavior Analytics and Privacy: It's All About Respect

When I speak with prospects and customers about incident detection and response (IDR), I'm almost always discussing the technical pros and cons. Companies look to Rapid7 to combine user behavior analytics (UBA) with endpoint detection and log search to spot malicious behavior in their environment.…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.


Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.


Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.
