Posts by Vivian Ma

3 min Vulnerability Management

Defining Vulnerability Risk Management (and How to Build a Modern VRM Program)

Once upon a time (just a handful of years ago), vulnerability management [https://www.rapid7.com/solutions/vulnerability-management/] programs focused solely on servers, running quarterly scans that targeted only critical systems. But that was then, and you can’t afford such a limited view in the now. Truth is, vulnerability exploitation now happens indiscriminately across the modern attack surface—from local and remote endpoints to on-prem and cloud infrastructure to web applications and con

4 min InsightAppSec

InsightVM + InsightAppSec: A Love Story

Today, we take a moment to appreciate how two of our products, InsightVM and InsightAppSec, work together to secure the entire tech stack for our customers.

4 min Application Security

You Can Have It Both Ways with AppSec: Security and Speed

Security and DevOps teams seemingly have to choose between speed and security. We think there's a better way.

4 min InsightVM

How Rapid7 Industry Research Strengthens InsightVM

Rapid7’s vulnerability scanner, InsightVM is backed by multiple large-scale research projects that keep it on the leading edge of vulnerability risk management.

2 min InsightIDR

Endpoint Agents Are Necessary for Today’s Modern Environment: Here’s Why (Part 2)

Rapid7's Insight agent can provide your organization with real-time, accurate results with the smallest possible footprint.

5 min Whiteboard Wednesday

Endpoint Agents Are Necessary for Today’s Modern Environment: Here’s Why (Part 1)

Endpoint agents can help you integrate your siloed vulnerability management and incident detection and response programs and implement SecOps practices.

1 min Whiteboard Wednesday

Whiteboard Wednesday: How to Implement A Phishing Awareness Training Plan in 5 Steps

There’s no silver bullet to combating protecting your organization from phishing attacks [https://www.rapid7.com/solutions/phishing-protection/] today. The only comprehensive approach leverages a combination of methods, many of which we’ve covered in parts 1 [https://www.rapid7.com/resources/wbw-anti-phishing/] and 2 [https://www.rapid7.com/resources/wbw-phishing-protection/] of our three-part phishing Whiteboard Wednesday series. Phishing is a human problem, and part of the solution is to prop

1 min Honeypots

Whiteboard Wednesday: Your 6-Minute Recap of Q1 2018’s Threat Landscape

Gotten a chance to read Rapid7’s Quarterly Threat Report for 2018 Q1 [https://www.rapid7.com/info/threat-report/2018-q1-threat-report/]? If not (or if you’re more of an auditory learner), we’ve put together a 6-minute recap video of the major findings. In our Quarterly Threat Reports [https://www.rapid7.com/info/threat-report/], our security researchers provide a wide-angle view of the threat landscape by leveraging intelligence from the Rapid7 Insight platform [https://www.rapid7.com/products/

1 min InsightPhishing

Whiteboard Wednesday: The Two Components of Phishing Protection Your Security Strategy Needs

You’re no stranger to the threat of phishing. It’s everywhere, and plays a role in 92% of breaches, according to the Verizon Data Breach Digest [https://www.rsaconference.com/writable/presentations/file_upload/lab4-r12_data-breach-digest-perspectives-on-the-human-element_copy1.pdf] . Last month, during the first installment of our phishing Whiteboard Wednesday series, we talked about the key components of an anti-phishing program [https://www.rapid7.com/resources/wbw-anti-phishing/], and this mo