3 min
Phishing
Identify, Analyze, and Report Phishing Emails With InsightPhishing: Getting Started
Starting March 1, 2019, Rapid7 will no longer offer or support InsightPhishing,
and the beta program will end. Click here
[https://kb.help.rapid7.com/docs/insightphishing-end-of-program-announcement]
for more information.
We often talk about running phishing simulation campaigns as a way of training
our teams on what phishing emails look like. Given that 92% of breaches
[http://www.verizonenterprise.com/resources/reports/rp_data-breach-digest-2017-perspective-is-reality_xg_en.pdf]
have a thre
3 min
GDPR
MDR and GDPR: More than a lot of letters
With 2018 now well in our sights, the countdown to the General Data Protection
Regulation (GDPR) [https://www.rapid7.com/solutions/compliance/gdpr/]) is most
definitely on. Articles 33 and 34
[https://www.rapid7.com/globalassets/_pdfs/product-and-service-briefs/rapid7-solution-brief-gdpr-article-33-34.pdf]
of the GDPR [https://www.rapid7.com/fundamentals/gdpr/] require organizations to
communicate personal data breaches when there is a high risk of impact to the
people to whom the data pertains
2 min
Application Security
The Magic Behind Rapid7 Managed Application Security Services
When I was younger, one of my favorite gifts was a magic kit. My dad did magic
tricks with cards and rope, and whenever I asked how he did it, he’d say, “A
magician never tells his secrets.” Part of why I loved that gift so much is I
got to be the magician—and I got a glimpse of the secrets.
Whenever I spend time with the Managed Application Security team at Rapid7, I
feel like I did when I was younger: excited to learn about how the magic works.
Here are some of the secrets I’ve learned.
Appl
2 min
Events
Top Reasons for Graduate Students to Attend UNITED
The countdown is on to Rapid7's annual UNITED Summit
[https://unitedsummit.org/index.php] in Boston on September 13-14. Rapid7 has
partnered with top universities all over the globe to provide students with
industry-leading security solutions as part of their coursework, equipping them
with hands-on knowledge as they head into the workforce. This year, for the
first time, Rapid7 is expanding its Higher Education Program
[https://www.rapid7.com/about/higher-education-program/] and providing
schol
2 min
Incident Response
Looking for a Managed Detection & Response Provider? You'll Need These 38 Evaluation Questions
Managed Detection and Response (MDR) services
[https://www.rapid7.com/services/analytic-response.jsp?CS=blog] are still a
relatively new concept in the security industry. Just recently, Gartner
published their first Market Guide on Managed Detection & Response
[https://information.rapid7.com/gartner-market-guide-for-managed-detection-and-response-services.html?CS=blog]
, which further defines the MDR Services market. MDR Services combines human
expertise with tools to provide 24/7 monitoring and
4 min
Incident Response
The Calm Heroes Fighting Cyber-Crime
The call everyone had been waiting for came in: the shuffleboard table arrived,
and was ready to be brought upstairs and constructed! The team had been hard at
work all morning in the open-style office space with conference rooms and
private offices along the perimeter. The Security Operations Center (SOC) with
computers, many monitors and an open layout was behind a PIN activated door. The
team wanted something fun in the office to do when they took a break from
defending networks.
My office-m
1 min
InsightIDR
Disrupt the Attack Chain with Rapid7
The attack surface is growing, and it is critical for enterprises to be able to
detect and respond to incidents quickly and thoroughly. We recommend modeling
your security program after the Attack Chain, which graphically shows the steps
that intruders follow to breach a company.
This applies no matter what type of attack intruders employ, whether it be
exploiting a vulnerability, stealing credentials via phishing or using malware.
The steps in order are: infiltration and persistence, explore n