Posts by Wade Woolwine

2 min Research

Rapid7 Releases Q2 2020 Quarterly Threat Report

It’s hard to believe it’s already the end of September, and with it comes Rapid7’s Q2 2020 Quarterly Threat Report.

6 min Vulnerability Management

4 Common Goals For Vulnerability Risk Management Programs

This post will give you a glimpse into the research to pinpoint under-served and unmet customer needs in the vulnerability risk management space.

7 min Detection and Response

Top 3 Outcomes Organizations Try to Achieve in Their Incident Detection and Response Programs

In this blog, we break down the top three outcomes organizations try to achieve in their Detection and Response programs.

4 min InsightConnect

Why Our Future in InfoSec Depends on Automation

In this blog, we discuss why our future in Information Security depends on automation.

5 min SecOps

How to Define Business Value for Security Programs

Today, we're evaluating the categorization of Detection and Response program outcomes and Attack Surface Management outcomes uncovered by Rapid7's UX team.

5 min

3 Questions to Ask Yourself When Justifying Your Infosec Program

In this blog post, we propose a framework by which most organizations can understand, evaluate, roadmap, and execute on their security programs.

7 min InsightIDR

10 Threat Detection and Response Resolutions for 2020

From knowing what you have, who may want it, and how they can get it: these 10 IDR resolutions for 2020 are sure to keep you busy.

3 min Detection and Response

Rapid7 Quarterly Threat Report: 2019 Q3

In this blog, we dive into the Rapid7 Quarterly Threat Report for Q3 of 2019 and the MITRE ATT&CK™ framework.

5 min Security Operations (SOC)

How to Develop a Common Language for Security Buy-In Across Your Business

In this blog, we break down what keeps organizations from advancing their security programs, and how businesses can establish security priorities.

4 min InsightIDR

How to Set Up Your Security Operations Center (SOC) for Success

Whether you’re looking to add coverage or are experiencing challenges with your existing security operations center (SOC), it's important to consider these factors before making a decision.

6 min Incident Detection

Managed Threat Detection and Response: The Questions You Need to Ask Vendors

In this post, Wade Woolwine, managed services director of technology at Rapid7, details our approach to managed detection and response: visibility, analytics, and arming our analysts with smart, customizable automation. Defending the modern enterprise is hard work. Between the need for round-the-clock coverage, technology to provide full visibility across the expanding enterprise, a highly skilled and experienced team, and the business level pressure to “prevent a breach,” there is little wonde

3 min Detection and Response

Changing Threat Landscape Evolves IDR

This is part 2 of a 2-part blog series on how Incident Response is changing. Here's part one [/2016/03/03/incident-response-the-times-they-are-a-changin]. The changing threat landscape forced an evolution in incident detection & response (IDR) that encompasses changes in tools, process, and people. While in 2005 we could get away with basic detection and a “pave and re-image” approach, 2016 sees us needing complex detection methodologies enabled by powerful software and hardware to enable expe

1 min Incident Detection

Incident Response: The Times They Are A Changin'

While everyone in the security world is seemingly at RSA Conference, my mind has been searching through the past. It actually started a few weeks ago, when Gartner's Anton Chuvakin asked for examples of how today's Incident Detection & Response (IDR) is different from 2005. My short comment to his post started to explore the topic of change over the past decade of IR, but I kept thinki

1 min Incident Response

How to mitigate the threat of an extortion attempt against your organization

We've had a few conversations with our customers recently who have alerted us to extortion attempts against their organizations. Thankfully, none were successful. This post is to detail the events that have transpired so that you can alert your organizations and increase your odds of not falling victim to this scam: * Attackers will register a domain name similar to yours. For example, the attacker might register when is the legitimate domain * Attackers will target t

4 min Incident Response

Preparing for Incident Response

Today, we launched a short Whiteboard Wednesday video aimed at providing a brief overview of how to effectively prepare for an incident. In this post, I'd like to expand on that a little bit by providing some additional concrete steps on how most organizations should be thinking about how preparedness can directly impact incident response program execution during a breach. The first step is going to involve discovery