4 min
SOAR
How Rapid7 Is Transforming an On-Premises SOAR Tool into a Cloud-First Automation Platform
In this blog, we discuss how Rapid7 is transforming an on-premises SOAR tool into a cloud-first automation platform.
5 min
InsightIDR
4 Steps to Securing Active Directory with Confidence
Active Directory serves as the keys to your kingdom, managing user and system access and policies on a daily basis. As such, it’s arguably one of the most important systems to secure, but are you doing it right?
5 min
Incident Response
What Makes SIEMs So Challenging?
I've been at the technical helm for dozens of demonstrations and evaluations of
our incident detection and investigation solution, InsightIDR
[https://www.rapid7.com/products/insightidr/], and I've been running into the
same conversation time and time again: SIEMs aren't working for incident
detection and response. At least, they aren't working without investing a lot
of time, effort, and resources to configure, tune, and maintain a SIEM
deployment. Most organizations don't have the recommende
3 min
Incident Detection
All Alerts Are Not Created Equal
In my experience, automated alerts are one of the most challenging, duplicitous
factors in security. On the one hand, there is simply too much data for us
humans to sift through, so having a system in place to analyze and correlate
data automagically is hugely helpful. On the other hand, once the tool has
analyzed data and spat out alerts, the security team (or security person) still
bears the responsibility of interpreting and reacting to this data, which is
fine…so long as the number of aler