Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Whiteboard Wednesday  

Whiteboard Wednesday: How to Implement A Phishing Awareness Training Plan in 5 Steps

There’s no silver bullet to combating protecting your organization from phishing attacks today. The only comprehensive approach leverages a combination of methods, many of which we’ve covered in parts 1 and 2 of our three-part phishing Whiteboard Wednesday series. Phishing is a human…

Whiteboard Wednesday: Your 6-Minute Recap of Q1 2018’s Threat Landscape

Gotten a chance to read Rapid7’s Quarterly Threat Report for 2018 Q1? If not (or if you’re more of an auditory learner), we’ve put together a 6-minute recap video of the major findings. In our Quarterly Threat Reports, our security researchers provide…

How a breached vendor impacts your organization's security - this week's Whiteboard Wednesday

The traditional concept of the security perimeter is long-outdated, and as recent headline-grabbing data breaches have shown, we must also monitor to the corporate supply chain as a source of potential security issues down the road. And as business systems become increasingly interconnected, the risks…

The Anatomy of a Credit Card Breach: Whiteboard Wednesday [VIDEO]

The onset of the holiday season means lots of stores preparing for the inevitable shopping rush. While these retailers keep fingers crossed that customers make this season quite merry and bright, attackers also have high hopes for the season -- for lots of new credit…

WinShock (CVE-2014-6321) - what is it & how to remediate - Whiteboard Wednesday [VIDEO]

This month's Patch Tuesday disclosed vulnerability CVE-2014-6321, dubbed by some as "WinShock," and it's getting some major attention. Our Security Engineer Justin Pagano gives a rundown of this vulnerability with the information we have today—what it is, what it affects, and how you…

The difference between an IPS & IDS - Whiteboard Wednesday [VIDEO]

Intrusion Prevention System (IPS) and Intrusion Detection System (IDS) -- sometimes these acronyms are used a bit interchangeably, so we wanted to take a moment to clarify their differences and how these systems can be useful in your environment.Whiteboard Wednesday: IPS and IDS: What's…

Whiteboard Wednesday: Insider Threat Programs - How To Get Started

Do you need an insider threat program? It's a good question - one that more companies are considering as compromised users become an increasingly popular attack vector, and malicious user behavior becomes more prevalent. In this week's Whiteboard Wednesday video, we weigh some options on…

Whiteboard Wednesday [VIDEO]: BashBug/ShellShock explained

On this Very Special Whiteboard Wednesday, we bring you a video on a Thursday because, well, #bashbug happened. Thankfully the sky is not falling.In this bashbug-edition of Whiteboard Wednesday, we discuss common attack vectors that could be used to exploit this vulnerability, exactly how…

Android browser privacy bug explained [VIDEO]: Whiteboard Wednesday

todb's post earlier this week about the flaw in Android's Open Source Platform browser has been getting a lot of attention this week, and for good reason: By the numbers, Android 4.2 and earlier builds have the vulnerable browser in question, and about 75%…

Whiteboard Wednesday - Pen Testing for Productivity

This week's Whiteboard Wednesday finds Chris Kirsch, our Senior Product Marketing Manager for Metasploit, explaining how productivity features within pen testing tools can save you some significant time.We here at Rapid7 obviously love open source products, but a common issue with most of them…

How to Save 140 Hours a Month on Vulnerability Management

Welcome back, Whiteboard Wednesday Fans!Were you able to check out our Whiteboard Wednesday last week? Our very own Bill Bradley discusses how you can significantly cut down on the time spent on vulnerability management every month. Specifically, he discusses the various technologies that exist…

Whiteboard Wednesday - PCI Compliance

Hello all, This week, for Whiteboard Wednesday, it's everyone's favorite Community Manager - Patrick Hellen (ie - me), breaking Today's Whiteboard Wednesday is all about PCI compliance. Watch as Ethan Goldstein, Security Engineer at Rapid7, tells you what PCI is, how to become PCI compliant,…

How Can I Protect Against Phishing? - Whiteboard Wednesdays

Phishing is on the rise as an attack vector because it's often the fastest and easiest way to penetrate a network's defenses. You're doing security awareness training, but how do your users behave when faced with a real phishinge-mail?  So how can you train…

How to Justify Your Penetration Testing Budget - Whiteboard Wednesdays

Is penetration testing a good idea to you, but your managers don't seem to get it? Don't worry, you're not alone, and there is a solution. This Whiteboard Wednesday video walks you through some steps to achieve your goal - and to get your budget…

Moving from HML (High, Medium, Low) Hell to Security Heaven – Whiteboard Wednesdays

At last check there are about 22 new vulnerabilities being published and categorized every single day (see National Vulnerability Database web site - http://nvd.nist.gov/). In total, the National Vulnerability Database now contains more than 53,000 vulnerabilities. No wonder security professionals are…

Featured Research

National Exposure Index 2018

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.

Learn More