Posts by Christie Ott

3 min Automation and Orchestration

Automating User Provisioning and Deprovisioning with Security Orchestration, Automation, and Response (SOAR)

Here are three ways security orchestration and automation tools can streamline the user provisioning and deprovisioning process.

3 min Automation and Orchestration

Summer Security Fundamentals Recap: Orchestration and Automation 101

Security orchestration and automation (SOAR) offers plenty of benefits for organizations. Here are some you should know about.

3 min Automation and Orchestration

How to Automate Threat Hunting with SOAR for Faster Response Times

In this blog, we highlight four ways security orchestration and automation (SOAR) tools can streamline the threat hunting process.

3 min Automation and Orchestration

How to Automate Phishing Investigations and Remediation

Here are four ways security orchestration and automation (SOAR) tools can streamline the phishing investigation process.

4 min Automation and Orchestration

Introducing the Security Orchestration and Automation Playbook: Your Practical Guide to Implementing SOAR

We created the Security Orchestration and Automation Playbook to help you understand which use cases are prime for SOAR.

2 min InsightConnect

From InsightConnect, With Love: Wishing a Happy Valentine’s Day to Our Most Popular Plugins

Happy Valentine's Day! This year, we're celebrating some of our most popular InsightConnect plugins by sending them valentines.

4 min Automation and Orchestration

SOARing Toward an Efficient SOC: How Security Orchestration and Automation Can Add Immediate Value in 2019

Thanks to security orchestration and automation (SOAR), it is possible to work efficiently with the resources you already have.

5 min User Behavior Analytics

[Q&A] Why Every Threat Detection Strategy Needs User Behavior Analytics

VP of Product Sam Adams explains how UBA works and how it’s evolved over the years to become a core part of threat detection and response strategies.

4 min Automation and Orchestration

Three Expensive Security Operations Costs and How to Minimize Them with SOAR

With the release of our Security Orchestration and Automation ROI Calculator, here are the three areas where companies spend the most resources on security.

5 min Threat Intel

Q&A with Rebekah Brown, Rapid7 Threat Intel Lead, on Attacker Behavior Analytics

Hear from Rebekah Brown, Rapid7’s threat intel lead, on Attacker Behavior Analytics and how Rapid7 is developing next gen threat detections for customers.

4 min InsightIDR

Unifying Security Data: How to Streamline Endpoint Detection and Response

Collecting data from the endpoint can be tedious and complex (to say the least). Between the data streaming from your Windows, Linux, and Mac endpoints, not to mention remote authentication and the processes running on these assets, there is a lot of information to gather and analyze. Unless you have a deep knowledge of operating systems to build this yourself—or additional budget to add these data streams to your SIEM tool [] —it may not be feasibl

4 min InsightIDR

What Makes SIEM Security Alerts Actionable? Automatic Context

Whether you call them alerts, alarms, offenses, or incidents, they’re all worthless without supporting context. A failed login attempt may be completely benign ... unless it happened from an anomalous asset or from a suspicious location. Escalation of a user’s privileges could be due to a special project or job promotion … or because that user’s account was compromised []. Many security monitoring tools today generate false posit

5 min InsightIDR

How to Identify Attacker Reconnaissance on Your Internal Network

The most vulnerable moment for attackers is when they first gain internal access to your corporate network. In order to determine their next step, intruders must perform reconnaissance to scout available ports, services, and assets from which they can pivot and gain access to customer databases, credit card data, source code, and more. These initial moments are arguably your best opportunities to catch attackers before critical assets are breached, but unfortunately, it can be very challenging t

3 min Incident Response

How to Build an Incident Response Plan: Your Battle Plan

An incident response plan [] can serve as your master blueprint for navigating the challenges of a security incident, ensuring everything is thought out in advance, secured appropriately, and that everyone on the team knows what to do if an issue does arise. In short, a well-crafted incident response plan will help your organization perform at its best by preparing for the worst. [eBook] Prepare for Battle: Building an Incident Response