Rapid7 Blog

User Behavior Analytics  

800 Million Compromised Credentials Were Exposed This Month. Were You Notified?

In our previous post on third party breaches, we talked about the risk of public compromised credential leaks providing attackers with another ingress vector. This August, InsightIDR, armed with knowledge from a partner, identified a “Very Large Credentials Dump”. Very large? Over 800 million compromised…

The Calm Heroes Fighting Cyber Crime

The call everyone had been waiting for came in: the shuffleboard table arrived, and was ready to be brought upstairs and constructed! The team had been hard at work all morning in the open-style office space with conference rooms and private offices along the perimeter.…

[Q&A] User Behavior Analytics as Easy as ABC Webcast

Earlier this week, we had a great webcast all about User Behavior Analytics (UBA). If you'd like to learn why organizations are benefiting from UBA, including how it works, top use cases, and pitfalls to avoid, along with a demo of Rapid7 InsightIDR, check out…

Disrupt the Attack Chain with Rapid7

The attack surface is growing, and it is critical for enterprises to be able to detect and respond to incidents quickly and thoroughly. We recommend modeling your security program after the Attack Chain, which graphically shows the steps that intruders follow to breach a company.…

Trip Report: Techno Security & Forensics Investigations Conference

This past week, hundreds of digital investigators from government and corporate teams headed to Myrtle Beach for this year's Techno Security & Forensics Investigations conference (#TSFIC). Here are the highlights of what we learned and what Rapid7 shared at the event. No Matter Your Role,…

If Employee Passwords Get Compromised, Does Your System Make a Sound?

Compromised credentials are the number one attack vector behind breaches, according to the Verizon Data Breach Investigations Report. Armed with an employee username and password, attackers can stealthily gain a foothold on the network, perform reconnaissance, and move laterally to critical targets – all without…

451 Research Reviews Rapid7 InsightIDR: "Blazing New Trails for Corporate Security."

451 Research, a global IT technology analyst firm, recently reviewed our Incident Detection & Response solution, InsightIDR. The report praises the User Behavior Analytics (UBA) in the solution, and importantly it also supports our corporate mission: “We believe products such as InsightIDR are blazing new…

Detecting Intruders Using Credentials: Lateral Movement Is Not Just for T3h 1337 h4x0|2

The largest challenge for organizations looking to detect and contain attackers is one of the hardest to overcome: disbelief. Disbelief that they will be targeted. Disbelief that someone will get past their perimeter. Disbelief that they will use stealth. Whether it is an expert group…

Detect Corporate Identity Theft with a New Intruder Trap: Honey Credentials

If you're only looking through your log files, reliably detecting early signs of attacker reconnaissance can be a nightmare. Why is this important? If you can detect and react to an intruder early in the attack chain, it's possible to kick the intruder out before…

Redner's Markets Selects Nexpose & InsightUBA for Compliance and Incident Detection

With breaches making regular headlines, security teams are under more scrutiny than ever before. This is especially true in retail, where strong security practices are paramount to protecting customer and organizational data. PCI DSS compliance is a key component of any retail organization's security program.…

SC Magazine reviews InsightUBA: "Should have known Rapid7 would get into active detection game."

Eric Sun is Solutions Marketing Manager, IDR at Rapid7. February's edition of SC Magazine features a review of our user behavior analytics solution, InsightUBA (formerly UserInsight): First two paragraphs: "Rapid7 has been in the vulnerability game for a long time and they certainly are…

UNITED 2016: Power Up Your Incident Detection and Response

When you think about fall in New England, the visions that should flow through your head are gorgeous foliage, cool autumn nights... and the evolution of incident detection and response technology. That's right, it's time we start talking about UNITED 2016, Rapid7's annual user conference…

IDC says 70% of successful breaches originate on the endpoint

This is part 2 of a blog post series on a new IDC infographic covering new data on compromised credentials and incident detection. Check out part 1 now if you missed it. Most organizations focus on their server infrastructure when thinking about security – a fact…

SANS Review of Rapid7 UserInsight (now InsightUBA) for User Behavior Analytics and Incident Response

Editor's Note - March 2016: Since this review, UserInsight has now become InsightUBA. Along with the name change comes a completely redesigned user interface, continuous endpoint detection, and another intruder trap to reliably detect attacker behavior outside of logs. We also launched InsightIDR, which combines…

Calling Your Bluff: Behavior Analytics in Poker and Incident Detection

As a former – or dormant – professional poker player, I'm seeing a lot of parallels between poker and incident detection, especially when it comes to behavior analytics. Detecting a bluff in poker is really not all that different from detecting an intruder on the network. New…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.

Learn More