DEF CON 22: Six Interesting Topics at This Year's Conference
In today's Whiteboard Wednesday, Nick Percoco, Vice President of Strategic Services at Rapid7 will discuss the 6 talks that he will most likely be attending at DEF CON 22 this year.
In today's Whiteboard Wednesday, Nick Percoco, Vice President of Strategic Services at Rapid7 will discuss the 6 talks that he will most likely be attending at DEF CON 22 this year.
In today's Whiteboard Wednesday, Nate Crampton, Product Marketing Manager at Rapid7 will discuss the 5 steps needed to perform a PCI 3.0 gap analysis.
In today's Whiteboard Wednesday, Jay Roxe, Senior Director of Product Marketing at Rapid7 will discuss phishing and focus on the prevention and detection of phishing attempts targeted at your users.
In today's Whiteboard Wednesday, Lital Asher-Dotan, Senior Product Marketing Manager for UserInsight at Rapid7 will discuss the current chain of events an attacker must take to successfully exfiltrate data from your network.
In today's Whiteboard Wednesday, Ross Barret, Senior Manager of Security Engineering at Rapid7 will discuss the latest OpenSSL vulnerabilities that were released on June 5, 2014.
In today's Whiteboard Wednesday, Nick Percoco, VP of Strategic Services at Rapid7 will discuss the Internet of Things and how it affects security.
In today's Whiteboard Wednesday, Chris Kirsch, Senior Product Marketing Manager will discuss how you can save 45% of your time when pen testing by taking advantage of some great productivity features.
In today’s Whiteboard Wednesday, Chris Kirsch, Senior Product Marketing Manager at Rapid7 will discuss the latest eBay hack which was announced on May 21st.
In today’s Whiteboard Wednesday, Jay Roxe, Senior Director of Product Marketing will talk about some of the key takeaways from the 2014 Verizon Data Breach Investigation report.
In today’s Whiteboard Wednesday, Lital Asher-Dotan, Senior Product Marketing Manager for UserInsight, will discuss Incident Detection Systems (IDS), and how the overwhelming amount of alerts tend to hide real risk in your environment.
In today’s Whiteboard Wednesday, Nick Percoco, Vice President of Strategic Services, will talk about the latest Internet Explorer 0-day.
In today’s Whiteboard Wednesday, Chris Kirsch, Senior Product Marketing Manager, will talk about the importance of network segmentation.
In today’s Whiteboard Wednesday, Lital Asher-Dotan, Senior Product Marketing Manager, will talk about cloud security monitoring and why monitoring cloud services alone isn’t enough.
In today’s Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7, will talk about the OpenSSL vulnerability called Heartbleed.
In today's Whiteboard Wednesday, Bill Bradley, Product Marketing Manager at Rapid7, will discuss the topic, "How to Save 140 Hours a Month on Vulnerability Management".
In today’s Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager at Rapid7, will discuss the topic, Anti-Virus (AV) Evasion for Proper Penetration Testing”.
In today's Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager at Rapid7, will discuss the topic, "PCI 3.0 and Penetration Testing, Requirement 11.3 Explained".
In today’s Whiteboard Wednesday, Bill Bradley, Product Marketing Manager at Rapid7, will discuss the topic, “SANS Top 20 Critical Controls: A Beginners Guide”.
Watch this video to learn what it means to have a layered approach to security and how it can help you achieve your company's security goals. Bill discusses the types of tools that you should consider when building a layered security program.
Watch this video to learn how much money an organization spends on average to remediate a data breach and how long it takes them to do so. Learn how you can detect threats faster and save your organization money by using UserInsight for fast, automated, threat detection across your network, cloud, and mobile environments.
Watch this video to learn how cloud file transfer services, used by your employees and colleagues, put your organization’s data at risk and find out how to monitor suspicious behavior across these cloud services so you can answer the question, "Who leaked the data?"
In today’s Whiteboard Wednesday, Jason Weiss, a member of the engineering team for UserInsight at Rapid7, will discuss the topic, "Why Monitoring Geolocation Information Matters for Security". In this video, Jason explains the importance of geolocation monitoring in order to find anomalies in user activity.
In today's Whiteboard Wednesday, Lital Asher-Dotan, Product Marketing Manager for UserInsight at Rapid7, will discuss the topic, "Do Disgruntled Ex-Employees Access Company Data After They're Gone?" Lital explains the complexity of managing ex-employees accounts outside of the network across cloud services.
Threat investigation should be much simpler for security teams. This is the main topic for this week’s Whiteboard Wednesday. Jason Weiss, an Engineer for Rapid7’s new UserInsight product talks about the painful process of going back and forth between systems to try and piece together evidence that will give a security team insight into who may have committed a risky action on their network. Jason will tell you how you can remove false positives in your threat investigation and how you can easily monitor and trace risky behavior down to the user on your network, across mobile devices, or even on the cloud services that your employees use.
In today’s Whiteboard Wednesday, Jay Roxe, Director of Products at Rapid7, will discuss the topic, “Security in the Year of the Mega Breach”.Jay discusses the most common threat vector used to acquire both personal and organizational data, deception-based attacks. Deception-based attacks are one of the toughest attacks to control. Security professionals are getting much better at locking down a network, however it is very hard for them to stop somebody from gaining access to a network through a user on their network. Watch this video to come away with actionable ways to avoid deception-based attacks both in the workplace as well as outside the workplace.
In today's Whiteboard Wednesday, Patrick Hellen discusses 7 tips for safe online shopping this holiday season. From updating your browsers to avoiding shady websites, Patrick gives you 7 easy steps to help you protect your personal information as you make online purchases this holiday season.
In today's Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager for Metasploit, will talk about pen testing your SAP systems and why it is tough for pen testers.
In today's Whiteboard Wednesday, Jason Weiss from the UserInsight Engineering Team, will tell you exactly how you can answer the question, "Who Dunit?!" on your network and across cloud services.
In today's Whiteboard Wednesday Jason Weiss, will talk about the disappearance of the IT security perimeter and how it shapes our security programs moving forward.
In today's Whiteboard Wednesday Nate Crampton, Product Marketing Manager for Nexpose, will break down the latest changes included in PCI 3.0 Watch this quick video to learn about the new requirements.
In today's Whiteboard Wednesday our Senior Director of Product Marketing, Jay Roxe, will discuss why you should be paying just as much attention to cloud service security as you do to network security.
In today's Halloween themed Whiteboard Wednesday, Patrick Hellen will relate mistakes made in horror movies with mistakes made within security teams. From user-based risk to threat prioritization, learn about some of the most common mistakes that every security team should avoid.
In today's Whiteboard Wednesday, we will walk you through some patch management best practices. We understand how tough it is to keep up with all of the patches that come out each week. By doing a lot of the leg work up front and organizing the assets within your organization, you can save a lot of time in the end. We will walk you 6 steps you can take to improve your current patch management process in this Whiteboard Wednesday.
This week's Whiteboard Wednesday is on DREAD as a reporting methodology as it pertains to penetration testing. Rene Aguero, Senior Sales Engineer for Rapid7 will dive into the DREAD and why he thinks that every pen tester should use DREAD as a reporting methodology when pen testing. Check out the video to learn more!
In today's Whiteboard Wednesday, Jane Man, Product Marketing Manager for ControlsInsight, discusses three important security controls that you should be paying attention to.
In today's Whiteboard Wednesday, David Maloney dives into password auditing techniques with Metasploit. He goes over the three main techniques which are brute force or online password attacks, hash cracking or offline attacks and password recovery attacks. To learn more about these techniques, watch the video above. Make sure to download Metasploit for password auditing!
In today's Whiteboard Wednesday, Patrick Hellen discusses the new biometric security features on the new iPhone 5S. Everybody is talking about how user friendly the new fingerprint scanner is but how is it from a security perspective? Watch this quick video to see what Patrick feels are the pros and cons of the new feature.
Today's Whiteboard Wednesday features Chris Kirsch, Rapid7's Product Marketing Manager for Metasploit, who will be talking about how you can effectively justify your penetration testing budget to your executive team.
In today's Whiteboard Wednesday, John Schimelpfenig will talk about FISMA compliance. John talks about what FISMA compliance is and how to achieve FISMA compliance through vulnerability management, continuous monitoring, and penetration testing.
This week's Whiteboard Wednesday is a primer on what user-based risk is and why it's important to trust but verify your users as part of an comprehensive security program. Jay Roxe explains in this video why the old perimeter-based concept of security is irrelevant in today's world of cloud apps and mobile devices, especially when the sophistication of social engineering attacks is on the rise.
In today's Whiteboard Wednesday, Patrick Hellen, our fearless community manager will discuss the key learnings from the UNITED 2013 conference. UNITED was our customer focused conference that took place in Boston last week. Learn about the major problems that security professionals have in their day to day jobs and learn about the new products that we have come out with to help solve these problems.
In today's Whiteboard Wednesday, Jane Man will discuss proper security controls effectiveness. She will talk about what it takes to assess your current security controls today and how to harden these control even more for security. She also talks about how you can go about choosing the most important security controls to assess.
In today's Whiteboard Wednesday, Chris Kirsch will talk about penetration testing for PCI compliance. If you are a company that accepts credit card payments, you have to comply with PCI. PCI compliance requires that you perform a penetration test at least once a year and after any significant infrastructure or application upgrade. Watch this video to learn more penetration testing for PCI compliance and download Metasploit Pro to get started!
In today's Whiteboard Wednesday, Chris Kirsch will talk about egress filtering and firewall testing with Metasploit's new MetaModules. The new MetaModules allow you to test individual security control quickly and easily making firewall testing and egress filtering simple.
In today's Whiteboard Wednesday, Chris Kirsch will talk about the different types of hackers and the motives behind their attacks. Learn more about the three major hacking groups and who they target. Chris will also help you understand which group of hackers you should be worried about the most.
In today's Whiteboard Wednesday, Chris Kirsch will talk about how you can audit your security controls with Metasploit. Chris will explain what security controls testing is and will give you examples around the controls that you can audit with Metasploit. He will also touch on why it is important to test individual controls rather than just including them in your regular penetration tests. Watch this video to learn more about security controls testing.
In today's Whiteboard Wednesday we will discuss mobile application risk management. Did you know that the average smart phone user has about 50 applications on their phone? Mobile applications can pose a threat to your corporate and personal data, especially if they are on a phone that is jailbroken or downloaded off of a non-trusted application store.
In today's Whiteboard Wednesday, Pia Flores gives you 7 tips to follow when evaluating security tools. Pia has been through thousands of evaluations with customers and these are the items she feels are most important to think about while assessing the tools that help protect your organization. Watch this quick video to learn more.
Watch this quick Whiteboard Wednesday video to learn all about different vulnerability disclosure tactics. Learn the differences between responsible, full, and reasonable disclosure and see why people use these different tactics. This video is presented by our Metasploit Framework who also talks about how Metasploit approaches vulnerability disclosure.
In today's Whiteboard Wednesday, Rachit Kumar talks about the conflict between IT and security teams when it comes to vulnerability remediation.
Offensive security is a proactive approach to protecting your network from outside attackers. Many times people throw up a firewall or install anti-virus and think that these security tools are going to protect you from data loss when in reality; these tools are not always working as advertised. Offensive security allows you to validate that the security measures you have in place in your environment are doing their jobs and protecting your data.
In this Whiteboard Wednesday, Ethan Goldstein explains what PCI is, how to become PCI compliant, and what you should look for in a vendor. Whether you are searching for a PCI approved scanning vendor or simply trying to answer the question, "What is PCI compliance?" Rapid7 can help! Watch this video to get started.
In today's Whiteboard Wednesday, Dirk Sigurdson discusses the differences between mobile risk management and mobile devices management when it comes to mobile security solutions.
In today's Whiteboard Wednesday, Joe Dubin talks about how you can get the most out of your security programs by integrating your vulnerability scanner with penetration testing software.
In today's Whiteboard Wednesday, Ethan Goldstein will talk about how you can make your security programs more efficient and increase the ROI of security software purchases by integrating network topology software with vulnerability and exploit data.
In today's Whiteboard Wednesday, Chris Kirsch explains what Metasploit is and how you can use this penetration testing software to protect your network. Chris will dive into each edition and explain what each has to offer. You will also learn how to install Metasploit and get up and running quickly. What is Metasploit? Let Chris tell you!
In today's Whiteboard Wednesday, Jay Leader, Rapid7's VP of IT and CIO will talk about the five questions you Need to Know the answer to before pitching security solutions to CIO's. If you struggle with finding the best way to communicate with your CIO/CISO about why a security solution is worth the money and implementation effort, this video is for you!
In today's Whiteboard Wednesday, John Schimelpfenig talks about social media security best practices. With the recent AP and Livingsocial hacks in April we thought that this would be a timely topic.
In today's Whiteboard Wednesday, Nate Crampton will talk about the latest features in the newest Nexpose 5.6 release that will take your vulnerability management programs to the next level.
In today's Whiteboard Wednesday we will talk about the integration between Mobilisafe and Microsoft Office 365. See how easy it is to deploy Mobilisafe throughout your business to give you much better insight into your BYOD security.
In today's Whiteboard Wednesday, Chris Kirsch talks about the latest Metasploit 4.6 release and all it has to offer. Here is a hint - Metasploit 4.6 is easier than ever to use! Whether you need to run a quick pen test, audit your web applications or conduct a phishing campaign, the new Metasploit 4.6 release makes it quick and easy to setup. It's like Wizardry or something!
In today's Whiteboard Wednesday, Dirk Sigurdson talks about the top 3 mobile policies that you should be using with Mobilisafe. With the BYOD trend rising, it is important that you put in place mobile policies that protect your organization from a data breach from mobile devices. Mobilisafe makes it easy for you to set rules and guidelines around mobile devices that connect with your exchange server. From requiring a password protected lock screen to making sure that the devices have the latest firmware update, you can set policies in Mobilisafe easily to ensure that all devices connecting to your network are protected. Watch this quick video to learn more!
In today's Whiteboard Wednesday, Will Vandevanter talks about the Amazon S3 service and how a lot of people are misconfiguring their Amazon S3 buckets, leaving personal information exposed. Amazon S3 provides the ability to store and serve static content from Amazon's cloud. Files within S3 are then put into "buckets" which are accessible through a predictable URL.
In today's Whiteboard Wednesday, Chris Kirsch shows you how you can use Metasploitable, an intentionally vulnerable machine, for testing Metasploit. Chris tells you how to download, setup, and use Metasploitable for testing Metasploit before you start using Metasploit on your production servers.
Today's Whiteboard Wednesday video features Metasploit Product Marketing Manager Chris Kirsch, who talks about one of the most well-known pen testing tools, Kali Linux—the next step in the evolution of BackTrack, a popular pen testing tool. Learn about all of the new features in this updated and renamed release, and how Metasploit now supports Kali Linux as an official platform.
In today's Whiteboard Wednesday, David Maloney talks about the Windows Remote Management Service. WinRM is a service designed to allow System Administrators to issue commands to remote machines. In this video, David discusses how Metasploit can identify these services and attack them, gaining unfettered access to machines, and doing so without being detected by Antivirus Solutions.
In this week's Whiteboard Wednesday, Rapid7 CSO HD Moore walks us through a simple pen testing trick that doesn't require use of exploits. This technique can be a useful tool in a social engineering campaign to measure users' security awareness.
In today's Whiteboard Wednesday, Saj Sahay and Giri Sreenivas do a little role play and discuss what it is really like to be an IT manager during the BYOD trend. Giri and Saj will provide you with more information around what BYOD is, how it effects your organization and what you can do to protect your company's information through mobile devices. Using a mobile risk management or mobile risk assessment software like Mobilisafe will allow you to track all of the devices that connect to your exchange server, see which devices are at risk, and even allows you to set policies that ensure that every device on your network meets the required security needs.
As our workforce grows increasingly mobile, it's more important than ever to make sure you secure your passwords to keep the data you access on your laptop, your cell phone-wherever-safe and sound. Rapid7 Community Manager Patrick Hellen shares some password security tips to make sure you keep your accounts uncompromised.
In today's Whiteboard Wednesday, Saj Sahay and Giri Sreenivas discuss the Bring Your Own Device (BYOD) trend and mobile device security in general. This video names the top mobile device security concerns associated with the popular "Bring Your Own Device" (BYOD) trend. Giri and Saj also discuss how you can mitigate mobile vulnerabilities so that company data cannot be accessed on your exchange servers. If BYOD and mobile device security is on your mind these days—as it is for most security professionals-you'll want to watch this video to learn more!
In today's Whiteboard Wednesday, Saj Sahay talks about the top 5 challenges in securing mobile devices. With the bring your own device (BYOD) trend growing, it is important to protect your employee's mobile devices and the exchange servers that access company data. Watch this quick video to learn how to secure your devices.
Organizations need to be able to understand and test their users' behavior without anti-virus programs stopping these tests in their tracks. A great way to explore that user behavior is by deploying social engineering programs during a pen test. In today's Whiteboard Wednesday, David Maloney explains several anti-virus evasion techniques you can employ for your Metasploit pen tests.
Today's Whiteboard Wednesday video is presented by Tod Beardsley who talks about open source exploit development. Learn how Metasploit was created and how the open source community is leveraged to make Metasploit so powerful.
This Whiteboard Wednesday features Mark Schloesser, who talks about the malware lifecycle. Mark explains what malware is, why malware is created and how you can prevent it. Since malware is involved in almost every data breach, it is important to know more about it and how you can protect yourself.
Today's Whiteboard Wednesday features Joe Dubin, Rapid7's Product Marketing Manager for Metasploit, who will be talking about social engineering security with Metasploit, specifically phishing.
Today's Whiteboard Wednesday features HD Moore who will talk about BrowserScan, Rapid7's latest free tool that checks for browser based risks.
Today's Whiteboard Wednesday features Giri Sreenivas, our VP and GM of Mobilisafe, here at Rapid7. Giri explains exactly what BYOD security is, how it came to be, and what BYOD security means in the context of ever-changing business needs. He'll also dive into what he sees as the future of BYOD security.
Today's Whiteboard Wednesday features seven of Rapid7's executives. With the holiday's right around the corner, the executive team wanted to give thanks to everyone out there who continues to support us at Rapid7.
Today's Whiteboard Wednesday features Patrick Vitalone and John Greene, who will be talking about how you can gain credibility with IT teams by pen testing for risk validation.
Today's Whiteboard Wednesday features Bernd Leger, Rapid7's VP of Marketing, who will be talking about IPv6 security and why it is important to your security program. He goes over what IPv6 actually is, why it is relevant to the security world and next steps to protect IPv6 networks and devices.
Today's WhiteBoard Wednesday features Mike Tuchen, Rapid7's CEO, who will be talking about the acquisition of Mobilisafe and what it means to you.
In this video, Bernd Leger, VP of Marketing, shows you how to prioritize threats in your environments in order to become more efficient and proactive with your vulnerability management.
In this video, Chris Kirsch, Product Marketing Manager of Metasploit, explains exactly what penetration testing is - and what it isn't. In addition, he reviews how you can use penetration testing tools to validate security risks in your environment.