Posts by Jane Man

2 min InsightVM

Vulnerability Management: A Year in Review - Prioritize

2017 has already broken the record [https://www.darkreading.com/threat-intelligence/2017-has-broken-the-record-for-security-vulnerabilities/d/d-id/1330410?] for the most vulnerabilities reported. With more software being produced and more researchers focused on finding vulnerabilities, this trend will probably continue. Understanding where to focus and which vulnerabilities to fix first is more important than ever. That’s why this year we delivered several innovations within our vulne

3 min Threat Intel

Live Threat-Driven Vulnerability Prioritization

We often hear that security teams are overwhelmed by the number of vulnerabilities [https://www.rapid7.com/fundamentals/vulnerabilities-exploits-threats/] in their environments: every day they are finding more than they can fix. It doesn't help when rating schemes used for prioritization, like the Common Vulnerability Scoring System (CVSS), don't really work at scale or take the threat landscape into account. How do you know where to focus if your vulnerability management solution [https://www.

2 min Nexpose

New and Improved Policy Manager

This year we've made many enhancements to the configuration policy assessment capabilities in Nexpose, including adding 4 new reports [/2016/07/05/getting-more-out-of-nexpose-policy-reports] and NIST 800-53 controls mapping [/2016/08/11/nist-800-53-control-mappings-in-sql-query-export]. Last week we unveiled a new and improved user interface for the Policy Manager, providing you with more information on your compliance position at your fingertips. With the new interface, you can quickly see how

2 min Nexpose

Live Monitoring with Endpoint Agents

At the beginning of summer, we announced some major enhancements [https://www.rapid7.com/products/nexpose/now.jsp] to Nexpose including Live Monitoring, Threat Exposure Analytics, and Liveboards, powered by the Insight Platform [https://www.rapid7.com/trust/]. These capabilities help organizations using our vulnerability management [https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] solution to spot changes as they happen and prioritize risks for remediation. We've also been

2 min Nexpose

Vulnerability Remediation with Nexpose

At the beginning of summer, we announced some major enhancements [https://www.rapid7.com/products/nexpose/now.jsp?CS=blog] to Nexpose [https://www.rapid7.com/products/nexpose/?CS=blog] including Live Monitoring, Threat Exposure Analytics, and Liveboards, powered by the Insight Platform [https://www.rapid7.com/trust/?CS=blog]. These capabilities help organizations using our vulnerability management [https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] solution to spot changes as

2 min Nexpose

Getting More Out of Nexpose Policy Reports

Auditing your systems for compliance with secure configuration policies like CIS, DISA STIGs, and USGCB is an important part of any effective security program, not to mention a requirement for many industry and regulatory compliance standards like PCI DSS and FISMA. With Nexpose, you can automate this assessment using our Policy Manager feature. Back in March we launched two brand new policy report templates, Policy Rule Breakdown Summary and Top Policy Remediations, to help organizations understand h

2 min Events

BlackHat Europe 2014: Printers, Lasers, and Drones! Oh My!

If you've ever been to the BlackHat conference in Vegas, then the European version is kind of like that except much, much… much smaller. Did I mention it was much smaller? The business hall consisted of about a dozen vendors including Rapid7. We spent two days at the Amsterdam RAI giving away almost 500 Metasploit t-shirts, and one pair of bright orange Beatz headphones [https://twitter.com/secrgb/status/523077059703476224]. What I did notice about BlackHat Europe is the diversity of the 1000 plus

1 min

Cyber security around the world - 7/4/14 - Germany

With so much happening in cyber security around the world lately, we're highlighting some of the interesting stories each week from across Europe, Middle East, Africa and Asia Pacific. This week we're in Germany where officials have found the second mass user account hacking this year… Germany Last week German officials confirmed that 18 million email addresses and passwords were hacked [http://www.dw.de/german-officials-confirm-18-million-emails-and-passwords-stolen/a-17542815] in a mass dat

2 min

Cyber security around the world - 1/4/14 - Australian Privacy Principles

With so much happening in cyber security around the world lately, we're highlighting some of the interesting stories each week from across Europe, Middle East, Africa and Asia Pacific. This week, we're in Australia to see what's happening with changes to privacy laws... Australia On March 12th, the Australian Privacy Principles (APP) [http://www.oaic.gov.au/privacy/privacy-resources/privacy-fact-sheets/other/privacy-fact-sheet-17-australian-privacy-principles] came into effect, giving priva

2 min Incident Response

Cyber security around the world - 18/3/14 - UK Cyber Security Strategy

With so much happening in cyber security around the world lately, we're highlighting some of the interesting stories each week from across Europe, Middle East, Africa and Asia Pacific. This week, we're in the UK to look at a key component of the government's Cyber Security Strategy [https://www.gov.uk/government/publications/cyber-security-strategy]… United Kingdom Over a year ago, the UK government announced plans for a new national Computer Emergency Response Team (CERT) [https://www.gov.u

2 min

Cyber security around the world - 10/3/14 - India

With so much happening in cyber security around the world lately, we're highlighting some of the interesting stories each week from across Europe, Middle East, Africa and Asia Pacific. This week, we're in India (via China)… India “No Internet safety means no national security,” said Chinese President Xi Jinping, after announcing a new working group on cyber security [http://www.nytimes.com/2014/02/28/world/asia/china-announces-new-cybersecurity-push.html?_r=0]. This statement rings particul

2 min Security Strategy

Cyber security around the world - 3/3/14 - Germany & Australia

With so much happening in cyber security around the world lately, we're highlighting some of the interesting stories each week from across Europe, Middle East, Africa and Asia Pacific. This week, we're in Germany and Australia… Germany The news last month that Facebook bought WhatsApp for $19 billion has highlighted the importance of data privacy for users, particularly in Germany. A day after the deal was announced, Swiss messaging app Threema doubled its user base and rose to the top [http

2 min Authentication

Cyber security around the world - 17/2/14 - UK & Singapore

With so much happening in cyber security around the world lately, we're highlighting some of the interesting stories each week from across Europe, Middle East, Africa and Asia Pacific. This week, we're in the United Kingdom and Singapore… United Kingdom A few weeks ago, Tony Neate, CEO of the UK Government's Get Safe Online initiative, stated that any password is better than no password at all, even if it's as simple as “abc123” [http://www.theguardian.com/technology/2014/jan/20/uk-cyber-security-

3 min

ControlsInsight Year In Review

While many are already looking ahead and making security predictions for 2014 [https://www.google.com/search?q=security+predictions+2014], it's also important to pause and reflect on the year that's been. It's been a whirlwind year for ControlsInsight. We developed and launched a new product from the ground up - this in itself is an achievement that everyone involved should be proud of. Since launching in August, we've already released 7 product updates to quickly make improvements based on us

2 min

Honest advice from Rapid7's Chief Information Officer

In the 2013 Gartner CIO Agenda Report, over 2,000 CIOs were asked to rank their top technology priorities for 2013. Security was ranked at number 9 and, surprisingly, has remained static at this priority level for the past 5 annual surveys. Given that recent studies estimate that cyber-attacks are costing the U.S. economy $100 billion annually, why isn't security a higher priority for CIOs and how can security professionals change this? We know that these are top-of-mind questions for our custom