Posts by Kelly Garofalo

2 min Authentication

Top 3 Takeaways from the "Planning for Failure: How to Succeed at Detecting Intruders on your Network" Webcast

Last week, Rick Holland, Principal Analyst at Forrester Research joined Christian Kirsch [/author/christian-kirsch] to discuss the concept of planning for failure in your security programs by being equipped to detect and investigate effectively when intruders get past your defenses. Read on to learn the top takeaways from their discussion on “Planning for Failure: How to Succeed at Detecting Intruders on your Network [https://information.rapid7.com/detecting-intruders-on-your-network-webcast.ht

1 min Events

How to Make the UNITED Security Summit Your Own

At Rapid7's 2015 UNITED Security Summit [https://information.rapid7.com/rs/rapid7/images/UNITED%202015%20Attendee%20Prospectus.pdf] you can customize your experience beyond general keynotes and expert panels to gain the insight and confidence you need to build, improve, and maintain strong security programs at your organization. Join us at The Seaport Boston Hotel & World Trade Center on June 17-18th and you will earn 16 CPE credits and have the chance to: * Choose sessions from 3 breakout

2 min PCI

Top 3 Takeaways from the "Escalate your Efficiency: How to Save Time on Penetration Testing" Webcast

Penetration Testing is a complex process that requires attention to detail, multi-tasking, extensive knowledge of different attack vectors, available vulnerabilities and exploits, and patience. Recently erayymz [https://twitter.com/erayymz], Senior Product Manager at Rapid7 spoke with pen testing professionals Leon Johnson, Senior Consultant at Rapid7, and Dustin Heywood, Manager of Security Assurance at ATB Financial. They discussed how to take advantage of automation with Metasploit Pro to sim

1 min Metasploit

Nexpose and Metasploit Training and Certification Courses Filling Up Fast!

Looking to amp-up or fine-tune your security prowess? UNITED conference attendees get the chance to do just that by registering for additional small group training and certification courses (Nexpose Basic, Metasploit Basic, and Nexpose Advanced). Since we're keeping the sessions intimate, spots are filling up quickly! Save your spot now for two days of formalized, curriculum-based training with Rapid7 experts [http://www.unitedsummit.org/new-registration.jsp]. You'll get to: * Share best p

2 min Compliance

Top 3 Takeaways from the "Security in Retail: An Industry at a Crossroads" Webcast

Retail is one of the industries hit hardest by the high-profile mega-breaches of late, so Jane Man [/author/jane-man], product marketing manager at Rapid7, and Wim Remes [/author/wim-remes], manager of strategic services at Rapid7 (read his intro blog here [/2015/02/13/why-i-joined-rapid7]), came together to discuss the challenges and future of retail security, and how organizations need to think about the balance between compliance and focusing on attack prevention and detection. Read on to le

1 min Events

Time for an upgrade! This year's Rapid7 RSA party is at a new venue: 1015 Folsom

The world of security is always changing, and true to form, the Rapid7 party experience is transforming along with it. This year, Rapid7 is upgrading the RSA after-party to a fresh new venue – because technology is advancing, and so are we! Where: 1015 Folsom [http://1015.com/] - 1015 Folsom Street, San Francisco, CA 94103 When: Wednesday, April 22nd, 9pm-2am The countdown is on! Save the date for when registration opens in just a few days! Click here for more information. [https://informa

1 min Events

PREPARE FOR BATTLE at UNITED 2015!

Join us at the 2015 Rapid7 UNITED Security Summit [http://www.unitedsummit.org/] and you'll get to witness a BATTLE (…amongst analysts!). Think clashing opinions and insights rather than axes and broadswords. It will be a unique match up of some of the security industry's leading analysts, giving attendees an insider view on a series of hot security topics and trends. Onlookers will hear from: * Rick Holland [http://www.unitedsummit.org/agenda-speakers.jsp?id=rick-holland], Principal A

3 min Skills

Top 4 Takeaways from the "2015 Security New Year's Resolutions: Expert Panel" Webcast

In this week's webcast, our panel of security experts took the time to reflect on the past year and discuss their 2015 Security New Year's Resolutions [https://information.rapid7.com/2015-security-resolutions.html?CS=blog]. For this discussion Trey Ford [/author/trey-ford/], Global Security Strategist at Rapid7, and Josh Feinblum [/author/josh-feinblum/], VP of Information Security at Rapid7 were joined by Andrew Plato, President/CEO at Anitian, Chris Calvert, Senior Strategy Manager – Red Team

1 min Events

UNITED Security Summit 2015: Theme Announcement!

In case you missed it, the theme for Rapid7's 2015 customer conference, the UNITED Security Summit (drum roll please…..) is Confidence in a Chaotic World. And if you had already heard, I hope there was a drum roll playing in your head the first time you saw it! We're really excited about this theme because we are passionate about enabling customers to be confident in their work. Security professionals that come to UNITED will get a chance to mingle with like-minded peers and security experts,

2 min

Top 3 Takeaways from the "Get it Under Control: Top 7 Security Controls to Focus On" Webcast

After analyzing recommended controls from many highly regarded best practices lists (Council on CyberSecurity Top 20, ASD Top 35, etc.), our experts mapped out the top 7 controls that organizations should focus on first. In this week's webcast, Jane Man, Product Marketing Manager at Rapid7, and Roy Hodgman, Senior Security Engineer at Rapid7, gave us the low down on what the top 7 security controls are and why, as well as tips on how to successfully implement them. It's important to make sure yo

2 min Compliance

Top 3 Takeaways from the "PCI DSS 3.0: Are You Ready for January?" Webcast

The deadline (January 1, 2015!) for PCI DSS 3.0 compliance is quickly approaching. Some of our PCI experts addressed this head on in a recent webcast, “PCI DSS 3.0: Are you Ready for January? [https://information.rapid7.com/pci-ready-for-january.html?CS=blog]”. Derek Kolakowski, Brian Tant, and ncrampton [https://community.rapid7.com/people/ncrampton] discussed what it will take for security professionals to get over the finish line and achieve 3.0 compliance, and to be secure and ready when aud

1 min Incident Response

Top 3 Takeaways from the "When Every Minute Counts: Accelerating Incident Investigations" Webcast

In our latest webcast, we heard from Christian Kirsch [https://community.rapid7.com/people/ckirsch], Principal Product Marketing Manager at Rapid7 on, “When Every Minute Counts: Accelerating Incident Investigations [https://information.rapid7.com/accelerate-incident-investigations.html?CS=blog] ”. In this webcast, Chris spoke about the major challenges incident responders face, and what they can do to tackle these challenges head on and significantly reduce investigation time. Read on to learn t

2 min Authentication

Top 2 Takeaways from the "Incident Response: Why You Need to Detect More Than Pass the Hash" Webcast

This week's webcast featured Matt Hathaway, Senior Manager of Platform Products at Rapid7, and Jeff Myers, Lead Software Engineer for UserInsight at Rapid7, as they spoke on, “Incident Response: Why You Need to Detect More Than Pass the Hash [https://information.rapid7.com/detecting-more-than-pass-the-hash.html?CS=blog] ”. This technical webinar emphasized how compromised credentials are a key predatory weapon in the attacker's arsenal, and featured an in-depth discussion of indicators of compro

2 min CIS Controls

Top 3 Takeaways from the "Simplify Controls: How to Align Security Controls to Reduce Risk to Your Business" Webcast

This week we heard from Bill Bradley, Product Marketing Manager at Rapid7, about the far reaching implications of security controls. Each organization (SANS and the Australian Signals Directorate to name a couple) that highlights recommended controls promotes a slightly different twist on the weighting and criticality of controls. We looked at which controls across each organization with recommendations are the most important and effective risk reduction tools, and how professionals in different

1 min Metasploit

Top 2 Takeaways from the "Credentials are the New Exploits: How to Effectively Use Credentials in Penetration Tests" Webcast

This week, Christian Kirsch [https://community.rapid7.com/people/ckirsch] enlightened us about the latest trend in attacker methodologies: Credentials. In the webcast, "Credentials are the New Exploits: How to Effectively Use Credentials in Penetration Tests [https://information.rapid7.com/creds-are-the-new-exploits-registration.html?CS=blog] ", we learned why credential abuse is in vogue, and what penetration testers can do to tackle this head on with as much efficiency and proficiency as poss