Webcasts
Upcoming
What's New in Vulnerability Management: Nexpose 5.1
Jan 31, 2012 - 2PM: Fast on the heels of the Nexpose 5.0 release comes the next iteration from Rapid7: Nexpose 5.1. To be released in Q1 2012, Nexpose 5.1 includes new features that companies of all sizes can use today to improve their security practices and reduce their risk exposure.
On Demand
Board Room Spy Cams: How Attackers Take Over Your Video Conferencing Systems And How To Stop Them
Video conferencing systems are one of the least understood platforms found on enterprise networks, often installed in locations that host senior-level staff, and outside of the scope of typical security assessments. This combination can expose the organization and the partners that it communicates with to espionage and data theft. Many vendors ship video conferencing system with default settings that can be used to remotely monitor a conference room, initiate outbound calls, and in some cases, provide remote system access to the device itself, turning it into a launching pad for new attacks.
Effective password testing using Metasploit with HD Moore
Software vulnerabilities receive most of the limelight in network security, but weak, shared, and mismanaged passwords are often the biggest threat to most organizations. Assessing password issues can be difficult and many problems are not visible to standard security tools.
How to find out if your SCADA system is vulnerable to cyber-attacks
In this webinar for CIOs and managers in the oil, gas and manufacturing industries, Jack Daniel talks about ways to determine where SCADA systems and corporate assets are vulnerable to attacks.
Security War Stories: Life on the Front Lines of a Breach
So you've been breached - and now what? Or better yet, you want to learn from the experiences of those that have to ensure that you're better prepared for the future.
Advanced Persistent Defense
Threats are constant and evolving. In this security landscape, organizations need to be proficient in both defense AND offense in order to protect themselves. We will also explore the countermeasures available to deterring, detecting, and responding to attacks on your network.
How to set up a penetration testing test lab
Join Matt Barrett, Security Consultant for Rapid7, for this Webcast to learn how to set up a pen test lab.
What's New in Nexpose 5.0: The Next Generation of Vulnerability Management
Organizations across all industries and government agencies (at both the federal and state level) are struggling to mitigate constant cyber threats and comply with legislative or regulatory mandates. Please join Kelly Martin, Director of Product Management for Rapid7 to learn about the patent-pending new features of Nexpose 5.0 and see how they can help you improve your overall risk posture.
What's new with Metasploit? HD Moore's personal tour of the next product version
In this hands-on webinar for security engineers and network administrators, HD Moore shows a live demo of a new version of Metasploit, covering existing and new Metasploit editions.
Identifying Real Risk in Virtualized Environments: A New Paradigm in Vulnerability Management
The widespread adoption of virtualization techniques provides proven benefits for organizations including lower cost of ownership, accelerated hardware ROI, and a simplified physical infrastructure. However, for security teams, virtualization has opened up a bit of a pandora's box.
Do you have your priorities straight? How to prevent data breaches by fixing the 'right' vulnerabilities
In this hands-on webinar for information security officers, HD Moore shows a live demo on how you can integrate your vulnerability management program with Metasploit Pro to help prevent data breaches.
Mastering Cyber Security Attacks
As computer software has become the backbone of modern civilization, organized cyber criminals, state sponsored cyber attackers, and terrorist organizations try to exploit design flaws and weaknesses in the applications in order to generate revenue and carry out criminal activities.
Leveraging Metasploit Pro to enhance Red and Blue Teaming in Federal Agencies
In this webinar for penetration testers and network security engineers in government agencies, Eden Martinez talks about new techniques in Metasploit Pro to let Red teams simulate attacks on government networks and allow Blue teams to go on the offensive against them.
Consulting for Profit: Building a Business on Security Assessments
In this talk for security consultants and practice managers, Jack Daniel talks about how he uses Rapid7 solutions in consulting practice to increase both his margins and the satisfaction of his clients.
Identifying Infrastructure Blind Spots with Metasploit Framework
In this session for security practitioners who are responsible for enterprise network security solutions, Marcus Carey discusses how to use the Metasploit Framework beyond penetration testing to validate whether security solutions are working as expected. He presents new Metasploit modules designed specifically for testing firewalls, IDS, IPS, and DLP solutions.
Pentesting Your Security Team
If you are looking at a specific piece of earth, you'll notice an ant walking by, but if you walk to the mailbox you'll probably miss a dozen of them. Network Attack Simulations (Attack Sims) are the way to test what an actual attacker is going to do to your network. Are you prepared for the truth about your network? Join Rob Fuller, Security Consultant for Rapid7, for this Webcast to learn tips for Pentesting your Security team.
Insider Threat Testing
The game changed when people started realizing that they needed to protect their networks. Firewalls and IDS were the solution and Pentesters began to test those mitigations 24/7. Now the game has changed once again. Insiders have become a tremendous threat and it is high time that you start addressing them. Join Rob Fuller, Security Consultant for Rapid7, for this Webcast to learn tips for testing against this increasing threat today.
When CSOs Attack
In this talk, HD discusses his experience implementing mandatory audits of new products and services in the office of the CSO and how the results led to better decisions across the organization. While he covers the overall process and some of the most surprising results, it also dives into the technical details of the most interesting vulnerabilities and their exploits.
Goal Oriented Pen Testing
Many security professionals and sys-admins do not have a solid understanding of what a penetration assessment is. What does the penetration tester spend time on? What drives the penetration tester? How do they prioritize what they focus on during an engagement? How do I get the most value out of an engagement?
In this webcast, Joshua "Jabra" Abraham explains the methodology used by the Rapid7 Professional Services Team to answer those questions.
Highlights of the latest w3af release – featuring Web Application Security Payloads
Join Andres Riancho, Director of Web Security for Rapid7 and founder of w3af, as he provides a walkthrough of the new w3af release.
Beyond Compliance: Meeting the new threat landscape head-on
In this On-Demand Webcast, our featured speaker, Chenxi Wang, Vice President, Principal Analyst, of independent research firm, Forrester Research, provides an overview of the importance of security beyond compliance.
An Introduction to Metasploit Pro
Join Metasploit founder and Rapid7 CSO, HD Moore, to learn about Metasploit Pro, a new commercial penetration testing tool based on the open source Metasploit Framework. Metasploit Pro’s graphical user interface enables ethical hackers to quickly and easily launch simultaneous, sophisticated attacks against several targets. Metasploit Pro automates common tasks such as smart bruteforcing, evidence collection and reporting to speed up your pen testing assignments.
Managing Security Challenges in Higher Education: Real-world solutions for Colleges and Universities
Colleges and universities have a unique combination of security challenges that go far beyond providing strictly educational services. Institutions of higher education can operate as communities-within-a-community, providing many of the services typically found within a city including housing, retail, medical, and financial services, making them subject to meeting regulatory compliance requirements such as PCI, HIPAA/HITECH, and GLBA.
Meeting the MA 201 CMR 17.00 Challenge - Continuing the Dialog: Get real-world solutions for how you can comply with the new Massachusetts Data Privacy Law
Considered the most aggressive new data privacy law in the country, 201 CMR 17.00 went into effect on March 1st 2010. Designed to protect Massachusetts residents from the rising incidence of fraud and identity theft that result from data breaches, this new regulation applies nationwide and is the leading edge in a new breed of proactive state regulations designed to prevent data loss rather than just require breach notification. Enforced by the State of Massachusetts Attorney General’s office, the new law establishes a minimum standard to be met for the protection of Massachusetts resident’s personal information (PI) contained in both paper and electronic records.
HIPAA and HITECH Act data security
New HIPAA Security Rule enforcement began in February 2010 under the HITECH Act. Healthcare providers and their business associates that fail to secure protected health information are now subject to new penalties. Security rules found under HIPAA now enforced by the HITECH Act enable state attorney general’s offices to pursue civil charges on behalf of victims. In this On Demand Webcast, Rapid7, in conjunction with High Point Regional Health System, talk about how you can protect your patients and secure your business.
Insight into Vulnerability Management Trends, Regulatory Compliance and Product Solutions
Protecting business critical information is a necessity due to the financial implications of a breach and the growing number of regulations. But where do you begin?
Check out this new program and hear three industry experts share their insight on vulnerability management trends, regulatory compliance, and the latest product solutions.
MASS 201 CMR 17.00 Deadline is Quickly Approaching, Are You Prepared? Listen to this OnDemand Roundtable to Find Out
In an effort to protect Massachusetts residents from the rising incidence of fraud and identity theft from data loss, the State of Massachusetts has implemented aggressive regulatory requirements to protect personal information. The state now requires mandatory compliance with 201 CMR 17.00 - Standards for the Protection of Personal Information of Residents of the Commonwealth (also known as just 201 CMR 17, or the Massachusetts Privacy Law). Building on California’s landmark security regulation SB-1386, Massachusetts Privacy Law establishes a minimum standard to be met for the protection of Massachusetts resident’s personal information (PI) contained in both paper and electronic records.
