4 min
3 things you need to do to reap the benefits of detecting compromised credentials
Every party must come to an end. This final reflection on the Party Crashers
series marks the end of our journey with the steps necessary for your success.
Revealed and explored over the course of the series is the reality that
compromised credentials are a key attack vector.
Improving detection means improving how accounts are monitored. Rapid7 shared
insights and ideas based on their experience building the UserInsight solution.
Here are some reflections and steps to kickstart your momentum
3 min
What you need to know to build a solution to detect compromised credentials
Once convinced of the need to detect compromised credentials, the focus shifts
to building the right solution. Ultimately, the act of learning what it takes to
build a solution informs whether the better return comes from building or
buying. It sets the stage to consider the key elements and forms a strong
evaluation criteria.
The fourth conversation in the Party Crashers series delved deeper into the
specifics of how to build an effective solution - and some lessons learned along
the way.
T
4 min
How to use compromised credentials as your key to funding success
The third conversation in the Party Crashers
[https://information.rapid7.com/party-crashers.html] series opened with a
challenge: time how long it takes you to review your logs, pick and IP address
from last week, and connect the IP address to a name.
Based on an informal show of hands, 15% of those in the conversation were in a
place to participate. Take a few moments now to time yourself working through
the challenge.
Once the challenge was complete, we asked how long it took (for the 15%)
5 min
Authentication
Why hesitation hurts - act now to prevent costly problems later
The growing value of information and systems coupled with the shifting nature of
attackers puts a lot of pressure on security professionals to demonstrate
results. Adding to the challenge of balancing competing interests, resource
constraints and budgets is the need to figure out how to improve.
The increasing interest in compromised credentials from attackers demands our
attention. Focusing on accounts and looking for compromised credentials requires
action. The challenge is taking the right
5 min
Authentication
Why you need to let go in security to get what you want
The second part of the Party Crashers series focused on the need for us to
embrace change in order to combat the shifting nature of attackers and their
penchant for compromised credentials.
Guided by the preparation (/2014/07/29/embrace-the-c
hange-we-need-in-security-to-reap-the-benefits), our conversation is global. The
advantage to the series is the opportunity to maintain a dialogue. We shared a
lot of comments, insights, and thoughtful questions.
The series suggests a growing number of
4 min
Authentication
Why we can be optimistic in security even in the rise of compromised credentials
While use of compromised credentials in attacks isn't new, the growing trend is
cause for consideration. Adapting our mindsets and actions to the changing
nature of attackers is essential to achieving success in our efforts.
The kick-off conversation of our _Party Crashers
[https://information.rapid7.com/party-crashers.html] _Summer Series
[https://information.rapid7.com/party-crashers.html] held a few “aha moments”
and revelations. More than just looking at the changing mindset and methods of
1 min
Incident Detection
Come Crash My Party! Your Invitation to Our Summer Series
Hey everyone, it's Michael Santarcangelo
[http://securitycatalyst.com/meet-michael-santarcangelo/], the Security Catalyst
[http://securitycatalyst.com/] - with an invitation to join me and Rapid7 on a
journey over the next few weeks.
As the value of the systems and information we protect continues to grow, we
face attackers that are more organized, and more disciplined. In fact, when we
looked at it, breaking down the concepts and elements necessary to be successful
when it comes to handling