Posts tagged Security Operations

4 min CISOs

How CISOs’ Roles – and Security Operations – Will Change in 2024

It’s fair to say that 2023 was a turning point for the cybersecurity industry, and no one felt it more than the CISO. From the onslaught of ransomware and zero-day attacks, [https://www.rapid7.com/blog/post/2024/01/12/2023-ransomware-stats-a-look-back-to-plan-ahead/] to the SEC’s new reporting rules [https://www.rapid7.com/globalassets/_pdfs/policy/sec-cybersecurity-compliance-solution-brief.pdf] , and added to technological innovation and sprawl, CISOs have never been under more pressure to ge

2 min Security Operations

Showcasing SecOps Metrics That Matter

Our latest ebook, Presenting Upward: How to Showcase SecOps Metrics That Matter offers practical and actionable advice on how to present security metrics in a language execs understand.

4 min Vendor Consolidation

Four Signs You Need to Consolidate Your Tech Stack

Learn how consolidation can improve productivity, visibility, and reporting as well as bridge staff resourcing gaps.

2 min Security Operations (SOC)

Cybersecurity Analysts: Job Stress Is Bad, but Boredom Is Kryptonite

Repetitive tasks are a big part of a cybersecurity analyst’s day. But combining monotony with the need for attentiveness can be kryptonite.

5 min Cloud Security

What It Takes to Securely Scale Cloud Environments at Tech Companies Today

Here are three ways to help empower your teams to take advantage of the many benefits of public cloud infrastructure without sacrificing security.

5 min Security Operations

Metrics That Matter and Curtailing the Cobra Effect

Creating metrics in cybersecurity is hard enough, but creating metrics that matter is a harder challenge still.

6 min Security Operations

A First-Year CISO Shares Her Point of View

​On Thursday, November 17, Katie Ledoux, CISO at Attentive, joined Rapid7's Bob Rudis to dive into how she's approaching 2022 planning.

4 min Security Operations

2022 Planning: Prioritizing Defense and Mitigation Through Left of Boom

In this post, we'll use ransomware as an example for 3 areas where you can apply a left-of-boom approach in your defenses in the coming year.

4 min Cybersecurity

2022 Planning: The Path to Effective Cybersecurity Maturity

Achieving cybersecurity maturity isn't something you can do overnight — it requires a significant amount of planning, prioritizing, and coordinating across the business.

3 min Cloud Security

The Future is Friction-Free: Drive Innovation With DevOps + SecOps

How can DevOps and IT teams work and innovate in a friction-reduced or—we can all dream—a friction-free way?

4 min Application Security

Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity

Let’s take a look at some key insights on current industry efforts to more closely integrate DevOps and SecOps—and how you can plot your best path forward.

3 min Vulnerability Management

Defining Vulnerability Risk Management (and How to Build a Modern VRM Program)

Once upon a time (just a handful of years ago), vulnerability management programs [https://www.rapid7.com/fundamentals/vulnerability-management-program-framework/] focused solely on servers, running quarterly scans that targeted only critical systems. But that was then, and you can’t afford such a limited view in the now. Truth is, vulnerability exploitation now happens indiscriminately across the modern attack surface—from local and remote endpoints to on-prem and cloud infrastructure to we

3 min Security Operations

Confessions of a Former CISO: Shaming People for Bad Security

In this edition of Confessions of a Former CISO, Scott King shares some hard lessons he's learned about shaming others for their security.

5 min

Confessions of a Former CISO: Promoting Individual Contributors into Leadership Roles

We are excited to announce the release of “Confessions of a Former CISO,” a video series that highlights some of the mistakes, challenges, and successes in the InfoSec industry.

5 min Security Operations

How to Define Business Value for Security Programs

Today, we're evaluating the categorization of Detection and Response program outcomes and Attack Surface Management outcomes uncovered by Rapid7's UX team.