Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Verizon DBIR  

2017 Verizon Data Breach Report (DBIR): Key Takeaways

The much-anticipated, tenth-anniversary edition of the Verizon DBIR has been released (http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/), once again providing a data-driven snapshot into what topped the cybercrime charts in 2016. There are just under seventy-five information-rich pages to go through, with topics ranging…

Attackers Take Advantage Of The Options You Give Them - Malware vs. Credentials

When InsightIDR was purpose-built to detect compromised credentials in the first months of 2014, we did so because we identified a significant gap in detection solutions currently available to security teams. The 2014 Verizon DBIR just happened to subsequently quantify the size of this gap…

Lessons Learned in Web Application Security from the 2016 DBIR

We spent last week hearing from experts around the globe discussing what web application security insights we have gotten from Verizon's 2016 Data Breach Investigations Report. Thank you, Verizon, and all of your partners for giving us a lot to think about! We also polled…

2016 Verizon Data Breach Report: Vulnerability Management Takeaways

This year's 2016 Verizon Data Breach Investigations Report has plenty of juicy data to pour over and for the past week we've been providing recommendations for ways to improve your security program and stop attackers. The report didn't provide any huge surprises, except for the…

Social Attacks in Web App Hacking - Investigating Findings of the DBIR

This is a guest post from Shay Chen, an Information Security Researcher, Analyst, Tool Author and Speaker. The guy behind TECAPI , WAVSEP and WAFEP benchmarks.Are social attacks that much easier to use, or is it the technology gap of exploitation engines that make social…

3 Web App Sec-ian Takeaways From the 2016 DBIR

This year's 2016 Verizon Data Breach Report was a great read. As I spend my days exploring web application security, the report provided a lot of great insight into the space that I often frequent. Lately, I have been researching out of band and second…

The 2016 Verizon Data Breach Investigations Report (DBIR) - A Web Application Security Perspective

The 2016 Verizon Data Breach Investigations Report (DBIR) is out and everyone is poring over the report to see what new insights we can take from last year's incidents and breaches. We have not only created this post to look at some primary application security…

The 2016 Verizon Data Breach Investigations Report (DBIR) Summary - The Defender's Perspective

Verizon has released the 2016 edition of their annual Data Breach Investigations Report (DBIR). Their crack team of researchers have, once again, produced one of the most respected, data-driven reports in cyber security, sifting through submissions from 67 contributors and taking a deep dive into…

Getting Started with VERIS

We did a webcast with @hrbrmstr @gdbassett from the Verizon team last week, discussing how to get started VERIS, the Vocabulary for Event Recording and Incident Sharing. If you missed that webcast- check it out! If you joined us, thanks for coming out. We've attached…

What is VERIS?

If you'd like to understand more of the nuts and bolts about VERIS, join us for a webcast November 5 2015 at 2pm ET: Understanding VERIS: the DBIR's Secret Decoder Ring Data driven security is all the rage, and laughably few of us encode and…

Key Takeaways from Verizon 2015 Data Breach Investigations Report

It's that time of the year again. No, not the Game of Thrones premiere, but Verizon's latest Data Breach Investigations Report (DBIR). At times, the DBIR can be as hard to read for a security practitioner as GoT is to watch when your favourite character…

New guide: 10 tips for detecting malicious & compromised users

Maybe you've heard a few of the key points from this year's oft-cited Verizon Data Breach Investigations Report (VDBIR). (Or maybe you've been meaning to get around to it.)But if there's only one thing you remember from the report this year, it's this: As…

The Verizon Data Breach Report - 9 Key Takeaways

Last week I hosted a webinar with Nicholas J. Percoco, VP of Strategic Services at Rapid7, where we discussed the latest Verizon DBIR. This year's report, as always, is recommended reading for any security professional as it's probably the most comprehensive piece of research, covering…

Top 3 Takeaways from "9 Top Takeaways from the Verizon Data Breach Investigations Report"

Hi, I'm Kelly Garofalo – you may know me as the voice of the moderator in most of our security webcasts. (You know, the one that tells you about how you can snag CPE credits for joining us and sends you a nice follow-up so…

Is AV dead? Why Symantec's executive is only half right about the state of anti-virus software

This week, a Symantec executive proclaimed that anti-virus is dead. Given the company's position in the AV market, it may be the most discussed comment coming from Symantec for some time; though in and of itself, I'm not sure the statement would elicit much of…

Featured Research

National Exposure Index 2018

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.

Learn More