1 min
Your Evolving Digital Life: Security Basics for Business Leaders
In helping to evaluate and recommend
[https://information.rapid7.com/security-advisory-services-contact-us.html?CS=bouncex]
areas for security improvement, I frequently consult with boards on the state of
their organization's security program. Having had many of these conversations,
I've seen board members repeatedly ask some of the same questions; they clearly
are concerned about the overall security posture of the business, but lack the
deep-rooted technical background of a longtime security
2 min
Hacking
Making Your Voice Heard for the Future of Automotive Safety
TL;DR: Show Your Support to Secure the Future of Automotive
[https://www.change.org/p/automotive-industry-we-request-that-you-unite-with-us-in-a-joint-commitment-to-safety-between-the-automotive-and-cyber-security-industries]
Safety
[https://www.change.org/p/automotive-industry-we-request-that-you-unite-with-us-in-a-joint-commitment-to-safety-between-the-automotive-and-cyber-security-industries]
About a year and a half ago, Josh Corman [http://twitter.com/joshcorman] and I
began having a discus
3 min
Events
Rapid7 is hiring during #HackerSummerCamp!
It is that time of year again, when 1000s of security professionals and hackers
flock to one of the hottest places on the planet. Like many of you, I've been
making this trek for over a decade. There is no better place to keep in touch
with your friends and colleagues in the security industry, hear about the latest
research and enjoy a beer on a vendor's bar tab. But above all else, Hacker
Summer Camp is one of the best opportunities for those looking to break into the
security industry or find
0 min
Events
Talks I am attending at DEF CON 22
I recently recorded a video for Rapid7's Whiteboard Wednesday on the talks I am
looking to attend at DEF CON 22. See you in a few weeks!
Nick
DEF CON 22: Interesting Topics at This Year's Conference [VIDEO] | Rapid7
[http://www.rapid7.com/resources/videos/defcon-22.jsp]
5 min
CCS Injection Vulnerability: Severe vulnerability shows we're not done with OpenSSL just yet
The dust has barely settled on Heartbleed, yet here we are hit with another
major vulnerability. The not-yet-catchily-named OpenSSL flaw allows spying on
encrypted SSL/TLS communications, if the attacker can pull off a
man-in-the-middle position. Read on to learn how it works, what it means for
you, and how it stacks up against Heartbleed.
What happened?
The OpenSSL project published a security advisory containing several
vulnerabilities. The most discussed vulnerability is CVE-2014-0224, throu
2 min
Strategic Embarkation: Why I am boarding the Rapid7 train.
Today I am announcing that I have joined the Rapid7 team as Vice President of
Strategic Services. This is a brand new position leading a brand new team within
the company. I'll be located in Chicago building a global practice to provide
Rapid7's clients with a new and unique set of services to enable their security
executives and teams to make strategic decisions to dramatically improve the
ways they solve the problems they face today and will face in the future.
I made the decision to join R