Phishing Attacks Duping Your Users? Here’s a Better Anti-Phishing Strategy.
You’ve hired the best of the best and put up the right defenses, but one thing keeps slipping in the door: phishing emails. Part of doing business today, unfortunately, is dealing with phishing attacks. Few organizations are immune to phishing anymore; it’s on…
Rapid7 Quarterly Threat Report: 2018 Q1
Spring is here, and along with the flowers and the birds, the pollen and the never-ending allergies, we bring you 2018’s first Quarterly Threat Report! For the year’s inaugural report, we pulled an additional data set: significant events. While we like to look…
Unifying Security Data: How to Streamline Endpoint Detection and Response
Collecting data from the endpoint can be tedious and complex (to say the least). Between the data streaming from your Windows, Linux, and Mac endpoints, not to mention remote authentication and the processes running on these assets, there is a lot of information to gather…
What Makes SIEM Security Alerts Actionable? Automatic Context
Whether you call them alerts, alarms, offenses, or incidents, they’re all worthless without supporting context. A failed login attempt may be completely benign ... unless it happened from an anomalous asset or from a suspicious location. Escalation of a user’s privileges could be due…
How to Identify Attacker Reconnaissance on Your Internal Network
The most vulnerable moment for attackers is when they first gain internal access to your corporate network. In order to determine their next step, intruders must perform reconnaissance to scout available ports, services, and assets from which they can pivot and gain access to customer…
Attacker Behavior Analytics: How InsightIDR Detects Unknown Threats
InsightIDR customers now have an ever-evolving library of attacker behavior detections automatically matched against their data. Read on to learn how Rapid7 SOC and threat intel teams investigate a constant rumbling of attacker behavior and transform it into actionable threat intelligence.…
Finding Evil: Why Managed Detection and Response Zeroes In On the Endpoint
This post was co-written with Wade Woolwine, Rapid7 Director of Managed Services. What three categories do attackers exploit to get on your corporate network? Vulnerabilities, misconfigurations, and credentials. Whether the attack starts by stealing cloud service credentials, or exploiting a vulnerability on a misconfigured, internet-facing…
Rapid7 Excels at Advanced Analytics and User Monitoring in Gartner's 2017 SIEM Critical Capabilities Report
If you’re looking for a SIEM solution, chances are you’ve at least heard of the Gartner Magic Quadrant for Security Information and Event Management (SIEM). But what about its companion guide, the Critical Capabilities report? Still yes, probably. If you want to understand…
2017 Gartner Magic Quadrant for SIEM: Rapid7 Named a Visionary
If you’re currently tackling an active SIEM project, it’s not easy to dig through libraries of product briefs and outlandish marketing claims. You can turn to trusted peers, but that’s challenging in a world where most leaders aren’t satisfied with their…
An Agent to Rule Them All: InsightIDR Monitors Win, Linux & Mac Endpoints
Today’s SIEM tools aren’t just for compliance and post-breach investigations. Advanced analytics, such as user behavior analytics, are now core to SIEM to help teams find the needles in their ever-growing data stacks. That means in order for project success, the right data…
Faster Investigations, Closer Teamwork: InsightIDR Enhancements
Incident investigations aren’t easy. Imagine investigation as a 100-piece jigsaw puzzle, except there are a million unarranged pieces to build from. Top analysts need to know what “bad” looks like and how to find it, and they must bring a sharp Excel game to stitch everything together...…
SIEM Market Evolution And The Future of SIEM Tools
There’s a lot to be learned by watching a market like SIEM adapt as technology evolves, both for the attackers and the analysis.…
InsightIDR Now Supports Multi-Factor Auth and Data Archiving
InsightIDR is now part of the Rapid7 platform. Learn more about our platform vision and how it enables you to have the SIEM solution you've always wanted.…
Want to try InsightIDR in Your Environment? Free Trial Now Available
InsightIDR, our SIEM powered by user behavior analytics, is now available to try in your environment. This post shares how it can help your security team.…
PCI DSS Dashboards in InsightIDR: New Pre-Built Cards
No matter how much you mature your security program and reduce the risk of a breach, your life includes the need to report across the company, and periodically, to auditors. We want to make that part as easy as possible. We built InsightIDR as a…
