Posts by msantarcangelo

4 min

3 things you need to do to reap the benefits of detecting compromised credentials

Every party must come to an end. This final reflection on the Party Crashers series marks the end of our journey with the steps necessary for your success. Revealed and explored over the course of the series is the reality that compromised credentials are a key attack vector. Improving detection means improving how accounts are monitored. Rapid7 shared insights and ideas based on their experience building the UserInsight solution. Here are some reflections and steps to kickstart your momentum

3 min

What you need to know to build a solution to detect compromised credentials

Once convinced of the need to detect compromised credentials, the focus shifts to building the right solution. Ultimately, the act of learning what it takes to build a solution informs whether the better return comes from building or buying. It sets the stage to consider the key elements and forms a strong evaluation criteria. The fourth conversation in the Party Crashers series delved deeper into the specifics of how to build an effective solution - and some lessons learned along the way. T

4 min

How to use compromised credentials as your key to funding success

The third conversation in the Party Crashers [https://information.rapid7.com/party-crashers.html] series opened with a challenge: time how long it takes you to review your logs, pick and IP address from last week, and connect the IP address to a name. Based on an informal show of hands, 15% of those in the conversation were in a place to participate. Take a few moments now to time yourself working through the challenge. Once the challenge was complete, we asked how long it took (for the 15%)

5 min Authentication

Why hesitation hurts - act now to prevent costly problems later

The growing value of information and systems coupled with the shifting nature of attackers puts a lot of pressure on security professionals to demonstrate results. Adding to the challenge of balancing competing interests, resource constraints and budgets is the need to figure out how to improve. The increasing interest in compromised credentials from attackers demands our attention. Focusing on accounts and looking for compromised credentials requires action. The challenge is taking the right

5 min Authentication

Why you need to let go in security to get what you want

The second part of the Party Crashers series focused on the need for us to embrace change in order to combat the shifting nature of attackers and their penchant for compromised credentials. Guided by the preparation (/2014/07/29/embrace-the-c hange-we-need-in-security-to-reap-the-benefits), our conversation is global. The advantage to the series is the opportunity to maintain a dialogue. We shared a lot of comments, insights, and thoughtful questions. The series suggests a growing number of

5 min

Embrace the change we need in security to reap the benefits

The start of the Party Crashers (sign up here if you aren't already) [https://information.rapid7.com/party-crashers.html] series explored the shifting nature of attackers. In addition to taking a more disciplined, business-like approach, attackers value compromised credentials in their efforts. It lets them look like they belong, making them harder to detect and kick out. Taking time to realize their changes and how it impacts our efforts drives a need for security to adapt, too. It signals th

4 min Authentication

Why we can be optimistic in security even in the rise of compromised credentials

While use of compromised credentials in attacks isn't new, the growing trend is cause for consideration. Adapting our mindsets and actions to the changing nature of attackers is essential to achieving success in our efforts. The kick-off conversation of our _Party Crashers [https://information.rapid7.com/party-crashers.html] _Summer Series [https://information.rapid7.com/party-crashers.html] held a few “aha moments” and revelations. More than just looking at the changing mindset and methods of

1 min Incident Detection

Come Crash My Party! Your Invitation to Our Summer Series

Hey everyone, it's Michael Santarcangelo [http://securitycatalyst.com/meet-michael-santarcangelo/], the Security Catalyst [http://securitycatalyst.com/] - with an invitation to join me and Rapid7 on a journey over the next few weeks. As the value of the systems and information we protect continues to grow, we face attackers that are more organized, and more disciplined. In fact, when we looked at it, breaking down the concepts and elements necessary to be successful when it comes to handling