Whiteboard Wednesday Videos

5 Reasons You Should Attend Rapid7 Real-Time
August 27, 2014

5 Reasons You Should Attend Rapid7 Real-Time

In today's Whiteboard Wednesday, Lee Weiner, Senior VP of Products and Engineering at Rapid7 will discuss the top 5 reasons that you should attend our free Rapid7 Real-Time Event.

Zero Days Explained
August 20, 2014

Security Events, Incidents, and Breaches Explained

In today's Whiteboard Wednesday, Chris Kirsch, Principal Product Marketing Manager at Rapid7 for UserInsight will discuss the difference between security events, incidents, and breaches.

Zero Days Explained
August 14, 2014

Zero Days Explained

In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss zero days.

Security Compliance 101: Why Compliance Doesn't Equal Security
July 30, 2014

Security Compliance 101: Why Compliance Doesn't Equal Security

In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss compliance and how it should fit into your security program today.

Black Hat 2014: Interesting Topics at this Year's Conference
July 23, 2014

Black Hat 2014: Interesting Topics at this Year's Conference

In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss the talks that he will most likely be attending at Black Hat 2014 this year.

DEF CON 22: Six Interesting Topics at This Year's Conference
July 16, 2014

DEF CON 22: Six Interesting Topics at This Year's Conference

In today's Whiteboard Wednesday, Nick Percoco, Vice President of Strategic Services at Rapid7 will discuss the 6 talks that he will most likely be attending at DEF CON 22 this year.

5 Steps to Performing a PCI 3.0 Gap Analysis
July 9, 2014

5 Steps to Performing a PCI 3.0 Gap Analysis

In today's Whiteboard Wednesday, Nate Crampton, Product Marketing Manager at Rapid7 will discuss the 5 steps needed to perform a PCI 3.0 gap analysis.

Who Else Got Phished: Methods for Phishing Detection and Prevention
June 25, 2014

Who Else Got Phished: Methods for Phishing Detection & Prevention

In today's Whiteboard Wednesday, Jay Roxe, Senior Director of Product Marketing at Rapid7 will discuss phishing and focus on the prevention and detection of phishing attempts targeted at your users.

How to Detect Compromised Users: Breaking the User Kill Chain
June 11, 2014

How to Detect Compromised Users: Breaking the User Kill Chain

In today's Whiteboard Wednesday, Lital Asher-Dotan, Senior Product Marketing Manager for UserInsight at Rapid7 will discuss the current chain of events an attacker must take to successfully exfiltrate data from your network.

OpenSSL Vulnerabilities CVE-2014-0224 and CVE-2014-0195 Explained
June 06, 2014

Special Friday Edition: OpenSSL Vulnerabilities CVE-2014-0224 and CVE-2014-0195 Explained

In today's Whiteboard Wednesday, Ross Barret, Senior Manager of Security Engineering at Rapid7 will discuss the latest OpenSSL vulnerabilities that were released on June 5, 2014.

Securing the Internet of Things
June 04, 2014

Securing the Internet of Things

In today's Whiteboard Wednesday, Nick Percoco, VP of Strategic Services at Rapid7 will discuss the Internet of Things and how it affects security.

How Pen Testing Productivity Helps Boost Security
May 28, 2014

How Pen Testing Productivity Helps Boost Security

In today's Whiteboard Wednesday, Chris Kirsch, Senior Product Marketing Manager will discuss how you can save 45% of your time when pen testing by taking advantage of some great productivity features.

eBay Hacked: Need-to-Know Details for Protection
May 21, 2014

eBay Hacked: Need-to-Know Details for Protection

In today’s Whiteboard Wednesday, Chris Kirsch, Senior Product Marketing Manager at Rapid7 will discuss the latest eBay hack which was announced on May 21st.

Key Takeaways from the Verizon Data Breach Report (DBIR)
May 14, 2014

Key Takeaways from the Verizon Data Breach Report (DBIR)

In today’s Whiteboard Wednesday, Jay Roxe, Senior Director of Product Marketing will talk about some of the key takeaways from the 2014 Verizon Data Breach Investigation report.

How Noisy is Your Incident Detection System?
May 07, 2014

How Noisy is Your Incident Detection System?

In today’s Whiteboard Wednesday, Lital Asher-Dotan, Senior Product Marketing Manager for UserInsight, will discuss Incident Detection Systems (IDS), and how the overwhelming amount of alerts tend to hide real risk in your environment.

Internet Explorer 0-Day: A Summary with Mitigation Advice
Apr 30, 2014

Internet Explorer 0-Day: A Summary with Mitigation Advice

In today’s Whiteboard Wednesday, Nick Percoco, Vice President of Strategic Services, will talk about the latest Internet Explorer 0-day.

Network Segmentation Testing: An Overview and How To Guide
Apr 23, 2014

Network Segmentation Testing: An Overview and How To Guide

In today’s Whiteboard Wednesday, Chris Kirsch, Senior Product Marketing Manager, will talk about the importance of network segmentation.

Cloud Security Monitoring: Why Monitoring Cloud Services Alone Isn’t Enough
Apr 16, 2014

Cloud Security Monitoring: Why Monitoring Cloud Services Alone Isn’t Enough

In today’s Whiteboard Wednesday, Lital Asher-Dotan, Senior Product Marketing Manager, will talk about cloud security monitoring and why monitoring cloud services alone isn’t enough.

OpenSSL Heartbleed Vulnerability Explained: Tips for Protection
Apr 9, 2014

OpenSSL Heartbleed Vulnerability Explained & Tips for Protection

In today’s Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7, will talk about the OpenSSL vulnerability called Heartbleed.

How to Save 140 Hours a Month on Vulnerability Management
Apr 2, 2014

How to Save 140 Hours a Month on Vulnerability Management

In today's Whiteboard Wednesday, Bill Bradley, Product Marketing Manager at Rapid7, will discuss the topic, "How to Save 140 Hours a Month on Vulnerability Management".

PCI 3.0 and Penetration Testing, Requirement 11.3 Explained
Mar 26, 2014

Anti-Virus (AV) Evasion for Proper Penetration Testing

In today’s Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager at Rapid7, will discuss the topic, Anti-Virus (AV) Evasion for Proper Penetration Testing”.

PCI 3.0 and Penetration Testing, Requirement 11.3 Explained
Mar 19, 2014

PCI 3.0 and Penetration Testing, Requirement 11.3 Explained

In today's Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager at Rapid7, will discuss the topic, "PCI 3.0 and Penetration Testing, Requirement 11.3 Explained".

SANS Top 20 Critical Controls: A Beginners Guide
Mar 12, 2014

SANS Top 20 Critical Controls: A Beginners Guide

In today’s Whiteboard Wednesday, Bill Bradley, Product Marketing Manager at Rapid7, will discuss the topic, “SANS Top 20 Critical Controls: A Beginners Guide”.

Why a Layered Security Approach is the Key to Successful Security Programs
Mar 5, 2014

Why a Layered Security Approach is the Key to Successful Security Programs

Watch this video to learn what it means to have a layered approach to security and how it can help you achieve your company's security goals. Bill discusses the types of tools that you should consider when building a layered security program.

Why Timely Detection of Security Threats Equals Real Money
FEB 19, 2014

Why Timely Detection of Security Threats Equals Real Money

Watch this video to learn how much money an organization spends on average to remediate a data breach and how long it takes them to do so. Learn how you can detect threats faster and save your organization money by using UserInsight for fast, automated, threat detection across your network, cloud, and mobile environments.

Why All Cloud File Transfer Services Put Your Organization's Data at Risk
FEB 12, 2014

Why All Cloud File Transfer Services Put Your Organization's Data at Risk

Watch this video to learn how cloud file transfer services, used by your employees and colleagues, put your organization’s data at risk and find out how to monitor suspicious behavior across these cloud services so you can answer the question, "Who leaked the data?"

Why Monitoring Geolocation Information Matters for Security
FEB 5, 2014

Why Monitoring Geolocation Information Matters for Security

In today’s Whiteboard Wednesday, Jason Weiss, a member of the engineering team for UserInsight at Rapid7, will discuss the topic, "Why Monitoring Geolocation Information Matters for Security". In this video, Jason explains the importance of geolocation monitoring in order to find anomalies in user activity.

Do Disgruntled Ex-Employees Access Company Data After They Leave?
Jan 29, 2014

Do Disgruntled Ex-Employees Access Company Data After They Leave?

In today's Whiteboard Wednesday, Lital Asher-Dotan, Product Marketing Manager for UserInsight at Rapid7, will discuss the topic, "Do Disgruntled Ex-Employees Access Company Data After They're Gone?" Lital explains the complexity of managing ex-employees accounts outside of the network across cloud services.

How To Remove False Positives From Security Threat Investigations
Jan 22, 2014

How To Remove False Positives From Security Threat Investigations

Threat investigation should be much simpler for security teams. This is the main topic for this week’s Whiteboard Wednesday. Jason Weiss, an Engineer for Rapid7’s new UserInsight product talks about the painful process of going back and forth between systems to try and piece together evidence that will give a security team insight into who may have committed a risky action on their network. Jason will tell you how you can remove false positives in your threat investigation and how you can easily monitor and trace risky behavior down to the user on your network, across mobile devices, or even on the cloud services that your employees use.

Security in the Year of the Mega Breach: How to Protect Yourself and Your Organization from the Most Common Attacks
Jan 15, 2014

Security in the Year of the Mega Breach: How to Protect Yourself and Your Organization from the Most Common Attacks

In today’s Whiteboard Wednesday, Jay Roxe, Director of Products at Rapid7, will discuss the topic, “Security in the Year of the Mega Breach”.Jay discusses the most common threat vector used to acquire both personal and organizational data, deception-based attacks. Deception-based attacks are one of the toughest attacks to control. Security professionals are getting much better at locking down a network, however it is very hard for them to stop somebody from gaining access to a network through a user on their network. Watch this video to come away with actionable ways to avoid deception-based attacks both in the workplace as well as outside the workplace.

7 Tips For Safe Holiday Shopping This Holiday Season
Dec 18, 2013

7 Tips For Safe Holiday Shopping This Holiday Season

In today's Whiteboard Wednesday, Patrick Hellen discusses 7 tips for safe online shopping this holiday season. From updating your browsers to avoiding shady websites, Patrick gives you 7 easy steps to help you protect your personal information as you make online purchases this holiday season.

Penetration Testing SAP ERP Systems with Metasploit
Dec 11, 2013

Penetration Testing SAP ERP Systems with Metasploit

In today's Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager for Metasploit, will talk about pen testing your SAP systems and why it is tough for pen testers.

User-Based Risk Monitoring: Answering the Question, Who Dunit?! On Your Network and Across Cloud Services
Dec 04, 2013

User-Based Risk Monitoring: Answering the Question, "Who Dunit?!" On Your Network and Across Cloud Services

In today's Whiteboard Wednesday, Jason Weiss from the UserInsight Engineering Team, will tell you exactly how you can answer the question, "Who Dunit?!" on your network and across cloud services.

Cloud Security: Handling The Disappearance of the IT Security Perimeter
Nov 20, 2013

Cloud Security: Handling The Disappearance of the IT Security Perimeter

In today's Whiteboard Wednesday Jason Weiss, will talk about the disappearance of the IT security perimeter and how it shapes our security programs moving forward.

PCI DSS 3.0 - An Overview of Latest Changes
Nov 13, 2013

PCI DSS 3.0 - An Overview of Latest Changes

In today's Whiteboard Wednesday Nate Crampton, Product Marketing Manager for Nexpose, will break down the latest changes included in PCI 3.0 Watch this quick video to learn about the new requirements.

Cloud Service Security Risk: How to Protect Yourself
Nov 06, 2013

Cloud Service Security Risk: How to Protect Yourself

In today's Whiteboard Wednesday our Senior Director of Product Marketing, Jay Roxe, will discuss why you should be paying just as much attention to cloud service security as you do to network security.

Security Horror Sequels - Don't Be A Victim!
Oct 30, 2013

Security Horror Sequels - Don't Be A Victim!

In today's Halloween themed Whiteboard Wednesday, Patrick Hellen will relate mistakes made in horror movies with mistakes made within security teams. From user-based risk to threat prioritization, learn about some of the most common mistakes that every security team should avoid.

Patch Management Best Practices
Oct 23, 2013

Patch Management Best Practices

In today's Whiteboard Wednesday, we will walk you through some patch management best practices. We understand how tough it is to keep up with all of the patches that come out each week. By doing a lot of the leg work up front and organizing the assets within your organization, you can save a lot of time in the end. We will walk you 6 steps you can take to improve your current patch management process in this Whiteboard Wednesday.

Penetration Testing Techniques - DREAD Methodology
Oct 16, 2013

Penetration Testing Techniques - DREAD Methodology

This week's Whiteboard Wednesday is on DREAD as a reporting methodology as it pertains to penetration testing. Rene Aguero, Senior Sales Engineer for Rapid7 will dive into the DREAD and why he thinks that every pen tester should use DREAD as a reporting methodology when pen testing. Check out the video to learn more!

Three Security Controls You Should Be Using
Oct 09, 2013

Three Security Controls You Should Be Using

In today's Whiteboard Wednesday, Jane Man, Product Marketing Manager for ControlsInsight, discusses three important security controls that you should be paying attention to.

Password Auditing with Metasploit
Oct 02, 2013

Password Auditing with Metasploit

In today's Whiteboard Wednesday, David Maloney dives into password auditing techniques with Metasploit. He goes over the three main techniques which are brute force or online password attacks, hash cracking or offline attacks and password recovery attacks. To learn more about these techniques, watch the video above. Make sure to download Metasploit for password auditing!

Biometric Security: Our Take on Apple's New Technology
Sep 25, 2013

Biometric Security: Our Take on Apple's New Technology

In today's Whiteboard Wednesday, Patrick Hellen discusses the new biometric security features on the new iPhone 5S. Everybody is talking about how user friendly the new fingerprint scanner is but how is it from a security perspective? Watch this quick video to see what Patrick feels are the pros and cons of the new feature.

Justifying Penetration Testing Budget
Sep 18, 2013

Justifying Penetration Testing Budget

Today's Whiteboard Wednesday features Chris Kirsch, Rapid7's Product Marketing Manager for Metasploit, who will be talking about how you can effectively justify your penetration testing budget to your executive team.

FISMA 101: A Guide to Achieving FISMA Compliance
Sep 11, 2013

FISMA 101: A Guide to Achieving FISMA Compliance

In today's Whiteboard Wednesday, John Schimelpfenig will talk about FISMA compliance. John talks about what FISMA compliance is and how to achieve FISMA compliance through vulnerability management, continuous monitoring, and penetration testing.

All About User-Based Risk
Sep 04, 2013

All About User-Based Risk

This week's Whiteboard Wednesday is a primer on what user-based risk is and why it's important to trust but verify your users as part of an comprehensive security program. Jay Roxe explains in this video why the old perimeter-based concept of security is irrelevant in today's world of cloud apps and mobile devices, especially when the sophistication of social engineering attacks is on the rise.

Key Learnings From the UNITED 2013 Conference
Aug 28, 2013

Key Learnings From the UNITED 2013 Conference

In today's Whiteboard Wednesday, Patrick Hellen, our fearless community manager will discuss the key learnings from the UNITED 2013 conference. UNITED was our customer focused conference that took place in Boston last week. Learn about the major problems that security professionals have in their day to day jobs and learn about the new products that we have come out with to help solve these problems.

How to Manage Your Security Control's Effectiveness
Aug 21, 2013

How to Manage Your Security Control's Effectiveness

In today's Whiteboard Wednesday, Jane Man will discuss proper security controls effectiveness. She will talk about what it takes to assess your current security controls today and how to harden these control even more for security. She also talks about how you can go about choosing the most important security controls to assess.

Penetration Testing for PCI Compliance
Aug 14, 2013

Penetration Testing for PCI Compliance

In today's Whiteboard Wednesday, Chris Kirsch will talk about penetration testing for PCI compliance. If you are a company that accepts credit card payments, you have to comply with PCI. PCI compliance requires that you perform a penetration test at least once a year and after any significant infrastructure or application upgrade. Watch this video to learn more penetration testing for PCI compliance and download Metasploit Pro to get started!

Egress Filtering and Firewall Testing with Metasploit MetaModules
Aug 07, 2013

Egress Filtering and Firewall Testing with Metasploit MetaModules

In today's Whiteboard Wednesday, Chris Kirsch will talk about egress filtering and firewall testing with Metasploit's new MetaModules. The new MetaModules allow you to test individual security control quickly and easily making firewall testing and egress filtering simple.

Different Types of Hackers and Their Motives
Jul 31, 2013

Different Types of Hackers and Their Motives

In today's Whiteboard Wednesday, Chris Kirsch will talk about the different types of hackers and the motives behind their attacks. Learn more about the three major hacking groups and who they target. Chris will also help you understand which group of hackers you should be worried about the most.

Security Controls Testing with Metasploit
Jul 24, 2013

Security Controls Testing with Metasploit

In today's Whiteboard Wednesday, Chris Kirsch will talk about how you can audit your security controls with Metasploit. Chris will explain what security controls testing is and will give you examples around the controls that you can audit with Metasploit. He will also touch on why it is important to test individual controls rather than just including them in your regular penetration tests. Watch this video to learn more about security controls testing.

Three Steps to Mobile Application Risk Management
Jul 17, 2013

Three Steps to Mobile Application Risk Management

In today's Whiteboard Wednesday we will discuss mobile application risk management. Did you know that the average smart phone user has about 50 applications on their phone? Mobile applications can pose a threat to your corporate and personal data, especially if they are on a phone that is jailbroken or downloaded off of a non-trusted application store.

7 Tips to Follow When Evaluating Security Tools
Jul 10, 2013

7 Tips to Follow When Evaluating Security Tools

In today's Whiteboard Wednesday, Pia Flores gives you 7 tips to follow when evaluating security tools. Pia has been through thousands of evaluations with customers and these are the items she feels are most important to think about while assessing the tools that help protect your organization. Watch this quick video to learn more.

Vulnerability Disclosure Tactics
Jul 03, 2013

Vulnerability Disclosure Tactics

Watch this quick Whiteboard Wednesday video to learn all about different vulnerability disclosure tactics. Learn the differences between responsible, full, and reasonable disclosure and see why people use these different tactics. This video is presented by our Metasploit Framework who also talks about how Metasploit approaches vulnerability disclosure.

The Conflict Between IT and Security Teams
Jun 26, 2013

The Conflict Between IT and Security Teams

In today's Whiteboard Wednesday, Rachit Kumar talks about the conflict between IT and security teams when it comes to vulnerability remediation.

Three Benefits to an Offensive Security Approach - Whiteboard Wednesday
Jun 19, 2013

Three Benefits to an Offensive Security Approach - Whiteboard Wednesday

Offensive security is a proactive approach to protecting your network from outside attackers. Many times people throw up a firewall or install anti-virus and think that these security tools are going to protect you from data loss when in reality; these tools are not always working as advertised. Offensive security allows you to validate that the security measures you have in place in your environment are doing their jobs and protecting your data.

PCI Compliance 101 - What is PCI Compliance, and How Do I Become PCI Compliant?
Jun 12, 2013

PCI Compliance 101 - What is PCI Compliance, and How Do I Become PCI Compliant?

In this Whiteboard Wednesday, Ethan Goldstein explains what PCI is, how to become PCI compliant, and what you should look for in a vendor. Whether you are searching for a PCI approved scanning vendor or simply trying to answer the question, "What is PCI compliance?" Rapid7 can help! Watch this video to get started.

Mobile Risk Management vs. Mobile Device Management - What's the Difference?
Jun 05, 2013

Mobile Risk Management vs. Mobile Device Management - What's the Difference?

In today's Whiteboard Wednesday, Dirk Sigurdson discusses the differences between mobile risk management and mobile devices management when it comes to mobile security solutions.

Vulnerability Validation with Metasploit
May 29, 2013

Vulnerability Validation with Metasploit

In today's Whiteboard Wednesday, Joe Dubin talks about how you can get the most out of your security programs by integrating your vulnerability scanner with penetration testing software.

Integrating Network Topology Software with Vulnerability and Exploit Data
May 22, 2013

Integrating Network Topology Software with Vulnerability and Exploit Data

In today's Whiteboard Wednesday, Ethan Goldstein will talk about how you can make your security programs more efficient and increase the ROI of security software purchases by integrating network topology software with vulnerability and exploit data.

What is Metasploit? Whiteboard Wednesday
May 15, 2013

What is Metasploit? Whiteboard Wednesday

In today's Whiteboard Wednesday, Chris Kirsch explains what Metasploit is and how you can use this penetration testing software to protect your network. Chris will dive into each edition and explain what each has to offer. You will also learn how to install Metasploit and get up and running quickly. What is Metasploit? Let Chris tell you!

How to Pitch Security Solutions to Your CIO
May 08, 2013

How to Pitch Security Solutions to Your CIO

In today's Whiteboard Wednesday, Jay Leader, Rapid7's VP of IT and CIO will talk about the five questions you Need to Know the answer to before pitching security solutions to CIO's. If you struggle with finding the best way to communicate with your CIO/CISO about why a security solution is worth the money and implementation effort, this video is for you!

Social Media Security Best Practices
May 01, 2013

Social Media Security Best Practices

In today's Whiteboard Wednesday, John Schimelpfenig talks about social media security best practices. With the recent AP and Livingsocial hacks in April we thought that this would be a timely topic.

Nexpose 5.6 - The Powerful New Features for Your Vulnerability Management Programs
Apr 24, 2013

Nexpose 5.6 - The Powerful New Features for Your Vulnerability Management Programs

In today's Whiteboard Wednesday, Nate Crampton will talk about the latest features in the newest Nexpose 5.6 release that will take your vulnerability management programs to the next level.

Mobilisafe Now Supports Office 365 - The Only MRM Solution To Do So
Apr 17, 2013

Mobilisafe Now Supports Office 365 - The Only MRM Solution To Do So

In today's Whiteboard Wednesday we will talk about the integration between Mobilisafe and Microsoft Office 365. See how easy it is to deploy Mobilisafe throughout your business to give you much better insight into your BYOD security.

Metasploit 4.6 - What's New in the Latest Metasploit Release?
Apr 10, 2013

Metasploit 4.6 - What's New in the Latest Metasploit Release?

In today's Whiteboard Wednesday, Chris Kirsch talks about the latest Metasploit 4.6 release and all it has to offer. Here is a hint - Metasploit 4.6 is easier than ever to use! Whether you need to run a quick pen test, audit your web applications or conduct a phishing campaign, the new Metasploit 4.6 release makes it quick and easy to setup. It's like Wizardry or something!

Top 3 Mobile Policies to Use with Mobilisafe
Apr 03, 2013

Top 3 Mobile Policies to Use with Mobilisafe

In today's Whiteboard Wednesday, Dirk Sigurdson talks about the top 3 mobile policies that you should be using with Mobilisafe. With the BYOD trend rising, it is important that you put in place mobile policies that protect your organization from a data breach from mobile devices. Mobilisafe makes it easy for you to set rules and guidelines around mobile devices that connect with your exchange server. From requiring a password protected lock screen to making sure that the devices have the latest firmware update, you can set policies in Mobilisafe easily to ensure that all devices connecting to your network are protected. Watch this quick video to learn more!

Unsecured Public Information in Amazon S3 Buckets - Are Your Buckets Leaking Data
Mar 27, 2013

Unsecured Public Information in Amazon S3 Buckets – Are Your Buckets Leaking Data?

In today's Whiteboard Wednesday, Will Vandevanter talks about the Amazon S3 service and how a lot of people are misconfiguring their Amazon S3 buckets, leaving personal information exposed. Amazon S3 provides the ability to store and serve static content from Amazon's cloud. Files within S3 are then put into "buckets" which are accessible through a predictable URL.

Metasploitable - Our Intentionally Vulnerable Machine
Mar 20, 2013

Metasploitable - Our Intentionally Vulnerable Machine

In today's Whiteboard Wednesday, Chris Kirsch shows you how you can use Metasploitable, an intentionally vulnerable machine, for testing Metasploit. Chris tells you how to download, setup, and use Metasploitable for testing Metasploit before you start using Metasploit on your production servers.

BackTrack is Now Kali Linux
Mar 13, 2013

Pen Testing Tools - BackTrack is now Kali Linux

Today's Whiteboard Wednesday video features Metasploit Product Marketing Manager Chris Kirsch, who talks about one of the most well-known pen testing tools, Kali Linux—the next step in the evolution of BackTrack, a popular pen testing tool. Learn about all of the new features in this updated and renamed release, and how Metasploit now supports Kali Linux as an official platform.

Abusing Windows Remote Management Service with Metasploit
Mar 06, 2013

Abusing Windows Remote Management Service with Metasploit

In today's Whiteboard Wednesday, David Maloney talks about the Windows Remote Management Service. WinRM is a service designed to allow System Administrators to issue commands to remote machines. In this video, David discusses how Metasploit can identify these services and attack them, gaining unfettered access to machines, and doing so without being detected by Antivirus Solutions.

EZ Mode Hacking with Metasploit
Feb 27, 2013

EZ Mode Hacking with Metasploit

In this week's Whiteboard Wednesday, Rapid7 CSO HD Moore walks us through a simple pen testing trick that doesn't require use of exploits. This technique can be a useful tool in a social engineering campaign to measure users' security awareness.

Mobile Security - A Day in the Life of an IT Manager
Feb 13, 2013

Mobile Security - A Day in the Life of an IT Manager

In today's Whiteboard Wednesday, Saj Sahay and Giri Sreenivas do a little role play and discuss what it is really like to be an IT manager during the BYOD trend. Giri and Saj will provide you with more information around what BYOD is, how it effects your organization and what you can do to protect your company's information through mobile devices. Using a mobile risk management or mobile risk assessment software like Mobilisafe will allow you to track all of the devices that connect to your exchange server, see which devices are at risk, and even allows you to set policies that ensure that every device on your network meets the required security needs.

Password Security Tips and Best Practices
Feb 06, 2013

Password Security Tips and Best Practices

As our workforce grows increasingly mobile, it's more important than ever to make sure you secure your passwords to keep the data you access on your laptop, your cell phone-wherever-safe and sound. Rapid7 Community Manager Patrick Hellen shares some password security tips to make sure you keep your accounts uncompromised.

Top 4 Mobile Device Security Concerns
Jan 30, 2013

Top 4 Mobile Device Security Concerns

In today's Whiteboard Wednesday, Saj Sahay and Giri Sreenivas discuss the Bring Your Own Device (BYOD) trend and mobile device security in general. This video names the top mobile device security concerns associated with the popular "Bring Your Own Device" (BYOD) trend. Giri and Saj also discuss how you can mitigate mobile vulnerabilities so that company data cannot be accessed on your exchange servers. If BYOD and mobile device security is on your mind these days—as it is for most security professionals-you'll want to watch this video to learn more!

Top 5 Challenges Securing Mobile Devices
Jan 23, 2013

Top 5 Challenges Securing Mobile Devices

In today's Whiteboard Wednesday, Saj Sahay talks about the top 5 challenges in securing mobile devices. With the bring your own device (BYOD) trend growing, it is important to protect your employee's mobile devices and the exchange servers that access company data. Watch this quick video to learn how to secure your devices.

Evading Anti-virus Detection with Metasploit
Jan 16, 2013

Evading Anti-virus Detection with Metasploit

Organizations need to be able to understand and test their users' behavior without anti-virus programs stopping these tests in their tracks. A great way to explore that user behavior is by deploying social engineering programs during a pen test. In today's Whiteboard Wednesday, David Maloney explains several anti-virus evasion techniques you can employ for your Metasploit pen tests.

Open Source Exploit Development
Jan 09, 2013

Open Source Exploit Development

Today's Whiteboard Wednesday video is presented by Tod Beardsley who talks about open source exploit development. Learn how Metasploit was created and how the open source community is leveraged to make Metasploit so powerful.

The Malware Lifecycle
Jan 02, 2013

The Malware Lifecycle

This Whiteboard Wednesday features Mark Schloesser, who talks about the malware lifecycle. Mark explains what malware is, why malware is created and how you can prevent it. Since malware is involved in almost every data breach, it is important to know more about it and how you can protect yourself.

Social Engineering Security and Phishing with Metasploit
Dec 19, 2012

Social Engineering Security and Phishing with Metasploit

Today's Whiteboard Wednesday features Joe Dubin, Rapid7's Product Marketing Manager for Metasploit, who will be talking about social engineering security with Metasploit, specifically phishing.

BrowserScan with HD Moore - Whiteboard Wednesday
Dec 12, 2012

BrowserScan with HD Moore - Whiteboard Wednesday

Today's Whiteboard Wednesday features HD Moore who will talk about BrowserScan, Rapid7's latest free tool that checks for browser based risks.

BYOD Security - Whiteboard Wednesday
Dec 05, 2012

BYOD Security - Whiteboard Wednesday

Today's Whiteboard Wednesday features Giri Sreenivas, our VP and GM of Mobilisafe, here at Rapid7. Giri explains exactly what BYOD security is, how it came to be, and what BYOD security means in the context of ever-changing business needs. He'll also dive into what he sees as the future of BYOD security.

7 Things We Are Thankful For This Holiday Season - Whiteboard Wednesday
Nov 21, 2012

7 Things We Are Thankful For This Holiday Season - Whiteboard Wednesday

Today's Whiteboard Wednesday features seven of Rapid7's executives. With the holiday's right around the corner, the executive team wanted to give thanks to everyone out there who continues to support us at Rapid7.

IPv6 Security - Why You Should Care About It
Nov 07, 2012

Gaining Credibility With IT Teams Via Pen Testing

Today's Whiteboard Wednesday features Patrick Vitalone and John Greene, who will be talking about how you can gain credibility with IT teams by pen testing for risk validation.

IPv6 Security - Why You Should Care About It
Oct 31, 2012

IPv6 Security - Why You Should Care About It

Today's Whiteboard Wednesday features Bernd Leger, Rapid7's VP of Marketing, who will be talking about IPv6 security and why it is important to your security program. He goes over what IPv6 actually is, why it is relevant to the security world and next steps to protect IPv6 networks and devices.

Rapid7 Acquires Mobilisafe - Whiteboard Wednesday
Oct 10, 2012

Rapid7 Acquires Mobilisafe - Whiteboard Wednesday

Today's WhiteBoard Wednesday features Mike Tuchen, Rapid7's CEO, who will be talking about the acquisition of Mobilisafe and what it means to you.

Risk Prioritization For Maximum Efficiency
Oct 03, 2012

Risk Prioritization For Maximum Efficiency

In this video, Bernd Leger, VP of Marketing, shows you how to prioritize threats in your environments in order to become more efficient and proactive with your vulnerability management.

What is Penetration Testing
Sep 26, 2012

What is Penetration Testing?

In this video, Chris Kirsch, Product Marketing Manager of Metasploit, explains exactly what penetration testing is - and what it isn't. In addition, he reviews how you can use penetration testing tools to validate security risks in your environment.