Incident Response: Why You Need to Detect More than Pass the Hash Technical Paper
Practitioners need to educate users, reduce the use of administrative privileges in an organization, actively avoid RDP, and do as much as possible to eliminate NTLM authentications. In spite of the progress Microsoft has made in recent years to mitigate known attacks like Pass-the-Hash (PtH), especially in Windows 8.1, this threat has not been eliminated.
This is a defensive guide providing a series of steps necessary to make detection achievable for the incident response team. It is wholly intended to highlight where to look and what to look for so that compromised credentials can be detected.
Vulnerability Management Buyer's Guide
With increasingly complex IT environments, vulnerability scans can produce an overwhelming amount of information. Filtering through results to find the true risks that matter to your business can be a challenging and time-consuming task. A good VM solution does more than just scanning – it also helps you to prioritize vulnerabilities to drive effective risk reduction.
That's why we've created this buyer's guide, with an easy-to-use checklist, to help you determine your requirements for selecting an effective vulnerability management solution for your organization.
User-Based Attacks – The Kill Chain: From Compromising User Credentials to Exfiltrating Data
The Verizon Data Breach Investigations Report 2014 (DBIR) identifies stolen credentials as the number one most-used attacker method. Your users are under attack, or will be under attack, and in some cases, will become compromised one way or another. In this whitepaper, we’ve mapped common attacker behaviors to what we call "the user-based attacks kill chain." Download our whitepaper on the user-based attacks kill chain to arm yourself and your team with the knowledge you need to stop an attacker in their tracks.
Ten Tips for Detecting Malicious and Compromised Users
According to the Verizon Data Breach Investigations Report (DBIR) of 2014, compromised credentials are now the most commonly-used threat action. Stolen credentials were the most prevalent method for breaking into networks. At the same time, compromising user accounts via phishing and social engineering techniques was the third-most used attacker tool. As user-based attacks are now more common than ever, you must make detecting them a priority today. To help you build a robust user protection plan, we've assembled 10 tips.
Find the True Risks – Building An Advanced Security Risk Management Program
Building a better risk management program takes less time than you might think. All you need to do is establish an effective process for identifying, remediating, and tracking risks to assets. With those basic elements in place, you can adopt increasingly advanced techniques at a pace that makes sense for your organization. This ebook explains the fundamentals that underpin effective asset risk management. It then walks you through several advanced techniques that can enhance your program.
You Can't Control It, But You Can Protect it: Enabling Security for Cloud, Mobile, and Social Applications
Security practices focused on on-premise systems can’t protect your organization from breaches and attacks as they once did. The line between on-premise and off-premise technologies isn't just blurred; it's barely relevant. Your ability to monitor users must encompass on-premise, cloud and mobile technology, or you might as well forget about security. This paper discusses reasons why visibility is so essential, and outlines how you can use visibility beyond and within the firewall to develop policies and processes that protect what you can’t control.
Security Guide: How to Evade Anti-Virus Detection
Penetration testing can give you a clear view of the vulnerabilities that can easily be exploited within your environment; however, organizations need to be able to understand and test their users' behavior without anti-virus programs stopping these tests in their tracks. A great way to explore that user behavior is by deploying social engineering programs during a pen test. In this guide, penetration testers will learn how to evade anti-virus detection on target machines.
The Nexpose Expert System: Using an Expert System for Deeper Vulnerability Scanning
This paper explains how Rapid7 Nexpose uses an expert system to achieve better results in vulnerability scanning compared to traditional procedural methods. After a brief discussion of the product objectives and implementation, this paper explores the use of expert systems to achieve accurate and detailed vulnerability results.
The Unwitting Danger Within - Understanding and Mitigating User-Based Risk
There is a security risk in your organization that can render all of your security controls worthless with a single click. It is dynamic and changes in real-time. It is the weakest link in your infrastructure, and no singular security appliance or software exists that can lock it down. What's more, you have not one but hundreds, perhaps thousands, of these risks, each sitting behind a desk in your organization. While users represent the single largest security risk to organizations, there are measures you can put in place to mitigate the risk they can introduce to your organization. This eBook explores the different kinds of user-based risks in today's corporate environment, including mobile devices and cloud services, and gives actionable guidance on how to mitigate these risks.
Mobile Security Guide: Protect Your Organization From Mobile Malware
As mobile devices become more common, cybercriminals see them as having huge profit potential, and aim to gain access to the user's confidential personal and financial information. In this Mobile Security Guide, we'll walk you through the mobile malware landscape and what you need to know to keep your organization's data safe.
Mobile Security Guide: Policies To Mitigate Device Threats
This first-in-a-series guide gives you brief and easy recommendations on policies you can set at your organization to secure mobile devices, mitigate mobile threats, and secure company data.
Combating Phishing Attacks: How to Design an Effective Program to Protect Your Organization Against Social Engineering
It seems like we've been hearing a lot about phishing in the news in recent years, and this threat hasn't abated yet. Why are attacks via phishing, and social engineering in general, so prevalent and so effective? This whitepaper examines the many different methods employed in phishing attacks and social engineering campaigns, and offers a solution-based approach to mitigating risk from these attack vectors.
Risk Visibility and Management: How IT Security Teams Can Enable Speed With Control
As fast as organizations move, IT security needs to move even faster. There are constant pressures to streamline operations and safeguard valuable assets while keeping up with a deluge of new technologies and maintaining usability for employees, partners, vendors, investors, and more. The critical capability to balance this need for speed with demand for security is visibility. Download this whitepaper to learn more.
Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS Compliance
The Payment Card Industry Data Security Standards (PCI DSS), with its over 200 requirements, can seem like a daunting set of regulations. Nonetheless, if your organization handles any kind of credit card information, you must be PCI DSS compliant. As difficult as this can seem, you can get expert help with our new eBook: Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS Compliance.
Three Steps to Mitigate Mobile Security Risks
Read this whitepaper to learn about the mobile security landscape, key mobile security risks, and how to mitigate these risks in order to protect company data.
The Dynamic Nature of Virtualization Security: The need for real-time vulnerability management and risk assessment
The cornerstones of a proactive security strategy are vulnerability management and risk assessment. However, traditional “scan-and-patch” vulnerability scanning approaches are inadequate for dynamic, virtualized environments. Traditional scanners cannot track changes in real time, so they cannot accurately measure constantly changing risks. Anyone charged with securing IT assets needs to understand the dynamic security risks inherent to virtualized environments, and more importantly, what to do to mitigate those risks. This whitepaper explores the challenges of securing a virtualized environment and gives actionable solutions to address them.
Leveraging Security Risk Intelligence - The strategic value of measuring Real Risk™
The ongoing struggle to prevent hackers from breaching assets and malware from gaining a foothold requires a vulnerability management strategy that begins with a comprehensive measurement of security risk. Starting with an understanding of the need for effective risk management followed by a definition of the elements of risk, this whitepaper presents the advantages and strategic value of Rapid7 Security Risk Intelligence for your environment and illustrates its operation.
What is Penetration Testing? An Introduction for IT Managers
A penetration test is often a key requirement for compliance with key regulations. But while many organizations know they need penetration testing, it can be hard to know how to fit it into a larger security program, or even how to get started. Our whitepaper, "What is Penetration Testing? An Introduction for IT Managers," is a clear and succinct introduction to the core principles and best practices of penetration testing.
Vulnerability Management Evolution: From Tactical Scanner to Strategic Platform
Organizations have traditionally viewed vulnerability scanners as a tactical product, largely commoditized, and only providing value around audit time. The tide is turning and there is a clear shift from largely compliance-driven messaging to a more security-centric view.
The CISO's Guide To Virtualization Security
This guide describes the security challenges within virtualized environments and shows how to apply the concepts of Forrester's Zero Trust Model of information security to secure the virtual environment effectively.
How to Justify Your Security Assessment Budget
Penetration testing has been established as a standard security tool in the past years: While the topic was mostly used in the military and intelligence services until recently, penetration testing is now an integral part of regulations such as the Payment Card Industry Data Security Standard (PCI DSS). Penetration testing is now even featured in movies and TV shows. This is not surprising since penetration testing is not only an exciting field to work in but also offers tangible business benefits. Penetration testing experts seem to have a bright future. One topic that a lot of technical IT professionals have problems with, maybe you as well, is selling security to their non-technical management. This white paper aims to help you with this endeavor: explaining the benefits of penetration testing to the business and securing the necessary budget.
Protecting Patient Health Information in the HITECH Era
The American Healthcare system is getting a complete facelift thanks to incentives to adopt Health Information Technology introduced by the Health Information Technology for Economic and Clinical Health (HITECH) Act. The HITECH Act contains tools for the enforcement of HIPAA regulations, as well as incentives to accelerate the adoption of information systems that reduce costs, gain efficiencies, and ultimately improve patient care while keeping patient health information secure. This paper examines the HITECH Act, the enforcement mechanisms the HITECH Act provides for HIPAA, and the key security challenges healthcare services face in order to protect patient health information as part of becoming HIPAA compliant.
Managing Cross Site Scripting (XSS) - The Number One Item on OWASP's Top Ten List
This white paper discusses the security risk that cross site scripting (XSS) represents for organizations. The white paper outlines the different forms of XSS vulnerabilities including reflective, persistent and DOM-based, why they are dangerous, and how to prevent them.
Best Practices to Protect the Cardholder Data Environment and Achieve PCI Compliance
Cyber-attacks designed for financial gain are on the rise, targeting proprietary information including customer and financial information. With over 127 million records exposed in 2007 in the US alone, attacks are becoming increasingly more sophisticated. Learn more about best practices to protect the cardholder data environment and achieve PCI compliance.
Understanding and Deploying the PCI Data Security Standard
PCI is one of the most stringent and detailed security requirements for retailers and merchants. This document outlines the different requirements to meet PCI compliance, maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement access controls and regularly monitor and test networks.
IT Security in Higher Education White Paper
According to analysts, the Higher Education sector is the most breached of any industry. This white paper outlines key reasons why universities are more affected by security issues and how they can better prepare themselves to address IT security and vulnerability management challenges.