3 min
Automation and Orchestration
Automating User Provisioning and Deprovisioning with Security Orchestration, Automation, and Response (SOAR)
Here are three ways security orchestration and automation tools can streamline the user provisioning and deprovisioning process.
3 min
Automation and Orchestration
Summer Security Fundamentals Recap: Orchestration and Automation 101
Security orchestration and automation (SOAR) offers plenty of benefits for organizations. Here are some you should know about.
3 min
Automation and Orchestration
How to Automate Threat Hunting with SOAR for Faster Response Times
In this blog, we highlight four ways security orchestration and automation (SOAR) tools can streamline the threat hunting process.
3 min
Automation and Orchestration
How to Automate Phishing Investigations and Remediation
Here are four ways security orchestration and automation (SOAR) tools can streamline the phishing investigation process.
4 min
Automation and Orchestration
Introducing the Security Orchestration and Automation Playbook: Your Practical Guide to Implementing SOAR
We created the Security Orchestration and Automation Playbook to help you understand which use cases are prime for SOAR.
2 min
InsightConnect
From InsightConnect, With Love: Wishing a Happy Valentine’s Day to Our Most Popular Plugins
Happy Valentine's Day! This year, we're celebrating some of our most popular InsightConnect plugins by sending them valentines.
4 min
Automation and Orchestration
SOARing Toward an Efficient SOC: How Security Orchestration and Automation Can Add Immediate Value in 2019
Thanks to security orchestration and automation (SOAR), it is possible to work efficiently with the resources you already have.
5 min
User Behavior Analytics
[Q&A] Why Every Threat Detection Strategy Needs User Behavior Analytics
VP of Product Sam Adams explains how UBA works and how it’s evolved over the years to become a core part of threat detection and response strategies.
4 min
Automation and Orchestration
Three Expensive Security Operations Costs and How to Minimize Them with SOAR
With the release of our Security Orchestration and Automation ROI Calculator, here are the three areas where companies spend the most resources on security.
5 min
Threat Intel
Q&A with Rebekah Brown, Rapid7 Threat Intel Lead, on Attacker Behavior Analytics
Hear from Rebekah Brown, Rapid7’s threat intel lead, on Attacker Behavior Analytics and how Rapid7 is developing next gen threat detections for customers.
4 min
InsightIDR
Unifying Security Data: How to Streamline Endpoint Detection and Response
Collecting data from the endpoint can be tedious and complex (to say the least).
Between the data streaming from your Windows, Linux, and Mac endpoints, not to
mention remote authentication and the processes running on these assets, there
is a lot of information to gather and analyze. Unless you have a deep knowledge
of operating systems to build this yourself—or additional budget to add these
data streams to your SIEM tool [https://www.rapid7.com/fundamentals/siem-tools/]
—it may not be feasibl
4 min
InsightIDR
What Makes SIEM Security Alerts Actionable? Automatic Context
Whether you call them alerts, alarms, offenses, or incidents, they’re all
worthless without supporting context. A failed login attempt may be completely
benign ... unless it happened from an anomalous asset or from a suspicious
location. Escalation of a user’s privileges could be due to a special project or
job promotion … or because that user’s account was compromised
[https://www.rapid7.com/solutions/detecting-compromised-credentials/]. Many
security monitoring tools today generate false posit
5 min
InsightIDR
How to Identify Attacker Reconnaissance on Your Internal Network
The most vulnerable moment for attackers is when they first gain internal access
to your corporate network. In order to determine their next step, intruders must
perform reconnaissance to scout available ports, services, and assets from which
they can pivot and gain access to customer databases, credit card data, source
code, and more. These initial moments are arguably your best opportunities to
catch attackers before critical assets are breached, but unfortunately, it can
be very challenging t
3 min
Incident Response
How to Build an Incident Response Plan: Your Battle Plan
An incident response plan
[https://www.rapid7.com/fundamentals/incident-response-plan/] can serve as your
master blueprint for navigating the challenges of a security incident, ensuring
everything is thought out in advance, secured appropriately, and that everyone
on the team knows what to do if an issue does arise. In short, a well-crafted
incident response plan will help your organization perform at its best by
preparing for the worst.
[eBook] Prepare for Battle: Building an Incident Response