Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

User Behavior Analytics  

Want to bolster your security program? Keep users from making decisions.

How many times have you witnessed security problems caused by a user making bad decisions? I'd venture to guess at least a few dozen if not hundreds. We've all seen where the perfect storm forms through weaknesses in technical controls, user training, and – most…

User and Entity Behavior Analytics: A Strategic Primer

If you're investing beyond malware detection, you've probably come across User Behavior Analytics (aka UBA, UEBA, SUBA). Why are organizations deploying UBA, and are they finding value in it? In this primer, let's cover what's being seen in the industry, and then a bit on…

SIEM Tools Aren't Dead, They're Just Shedding Some Extra Pounds

Security Information and Event Management (SIEM) is security's Schrödinger's cat. While half of today's organizations have purchased SIEM tools, it's unknown if the tech is useful to the security team… or if its heart is even beating or deployed. In response to…

User Behavior Analytics and Privacy: It's All About Respect

When I speak with prospects and customers about incident detection and response (IDR), I'm almost always discussing the technical pros and cons. Companies look to Rapid7 to combine user behavior analytics (UBA) with endpoint detection and log search to spot malicious behavior in their environment.…

Warning: This blog post contains multiple hoorays! #sorrynotsorry

Hooray for crystalware! I hit a marketer's milestone on Thursday – my first official award ceremony, courtesy of the folks at Computing Security Awards, which was held at The Cumberland Hotel in London. Staying out late on a school night when there's a 16 month old…

Demanding More from Your SIEM Tools [Webcast Summary]

Do you suffer from too many vague and un-prioritized incident alerts? What about ballooning SIEM data and deployment costs as your organization expands and ingests more data? You're not alone. Last week, over a hundred infosec folks joined us live for Demanding More out of…

Malware and Advanced Threat Protection: A User-Host-Process Model

[Editor's Note: This is a sneak peek at what Tim will be presenting at UNITED 2016 in November. Learn more and secure your pass at http://www.unitedsummit.org!]In today's big data and data science age, you need to think outside the box when…

InsightIDR & Nexpose Integrate for Total User & Asset Security Visibility

Rapid7's Incident Detection and Response and Vulnerability Management solutions, InsightIDR and Nexpose, now integrate to provide visibility and security detection across assets and the users behind them. Combining the pair provides massive time savings and simplifies incident investigations by highlighting risk across your network ecosystem…

From Crisis to Confidence in Only Hours: How Rapid7 Became Our Security Sommelier

This is a guest post by Rapid7 customer, Tom Brown. Faced with a possible data breach after customers reported malicious spam appearing to come from his company, Liberty Wines, he called in the experts. The cyber incident came when I was on a trip to…

800 Million Compromised Credentials Were Exposed This Month. Were You Notified?

In our previous post on third party breaches, we talked about the risk of public compromised credential leaks providing attackers with another ingress vector. This August, InsightIDR, armed with knowledge from a partner, identified a “Very Large Credentials Dump”. Very large? Over 800 million compromised…

The Calm Heroes Fighting Cyber Crime

The call everyone had been waiting for came in: the shuffleboard table arrived, and was ready to be brought upstairs and constructed! The team had been hard at work all morning in the open-style office space with conference rooms and private offices along the perimeter.…

[Q&A] User Behavior Analytics as Easy as ABC Webcast

Earlier this week, we had a great webcast all about User Behavior Analytics (UBA). If you'd like to learn why organizations are benefiting from UBA, including how it works, top use cases, and pitfalls to avoid, along with a demo of Rapid7 InsightIDR, check out…

Disrupt the Attack Chain with Rapid7

The attack surface is growing, and it is critical for enterprises to be able to detect and respond to incidents quickly and thoroughly. We recommend modeling your security program after the Attack Chain, which graphically shows the steps that intruders follow to breach a company.…

Trip Report: Techno Security & Forensics Investigations Conference

This past week, hundreds of digital investigators from government and corporate teams headed to Myrtle Beach for this year's Techno Security & Forensics Investigations conference (#TSFIC). Here are the highlights of what we learned and what Rapid7 shared at the event. No Matter Your Role,…

If Employee Passwords Get Compromised, Does Your System Make a Sound?

Compromised credentials are the number one attack vector behind breaches, according to the Verizon Data Breach Investigations Report. Armed with an employee username and password, attackers can stealthily gain a foothold on the network, perform reconnaissance, and move laterally to critical targets – all without…