Posts tagged Cloud Security

2 min InsightCloudSec

Introducing InsightCloudSec

Rapid7 is proud to announce our next step in helping to drive cloud security forward: InsightCloudSec.

3 min Detection and Response

Automated remediation level 3: Governance and hygiene

The best way to mold a solution that makes sense for your company and cloud security is by adding actions that cause the fewest deviations in your day-to-day operations.

2 min Detection and Response

CVE-2021-20025: SonicWall Email Security Appliance Backdoor Credential

The virtual, on-premises version of the SonicWall Email Security Appliance ships with an undocumented, static credential, which can be used by an attacker to gain root privileges on the device.

2 min Cloud Security

Action! Start putting automation into practice.

In our new blog series, we’ll talk about the challenges of leveraging automation and actually putting it into practice for your organization and business.

3 min Identity Access Management

All about the boundaries: The cloud IAM lifecycle approach

Implementing cloud Identity Access Management (IAM) boundaries can seem like an oxymoron in the midst of rapid growth or need for access as new personnel, teams, or supply-chain partners come online.

3 min DevOps

Creating coefficiency: DevOps, Security, and Compliance

The ultimate goal on the security horizon is, of course, to prevent risks and misconfigurations before runtime. This won’t always happen, but teams can still get into a rhythm where runtime mistakes become the exception rather than the rule.

4 min Cloud Security

5 questions to answer before spending big on cloud security

Convincing people to sign off on big cloud security spends is, most assuredly, a never-ending process. Because every so often (be it in 6 months, 1 year, 2 years), your security organization will have to pitch to the check-writers all over again.

3 min Cloud Security

How to Address the Current Complexity and Chaos of Cloud IAM

Can security teams ever truly understand their cloud permissions? As DevSecOps grows ever further into the cloud, more people have the ability to provision cloud resources independently, without involving IT.

2 min Cloud Security

Top Challenges for Security Analytics and Operations, and How a Cloud-Based SIEM Can Help

To keep up and combat key security operations challenges, many organizations are making the move to the cloud for broader, more flexible detection and response coverage of their ever-changing security environments.

6 min Industry Cyber-Exposure Report (ICER)

Rapid7's 2021 ICER Takeaways: Version Complexity Among the Fortune 500

Complexity is the enemy to successful security outcomes. To get a feel for how well-resourced organizations perform in this area, we looked at 3 factors.

4 min Cloud Security

4 DevOps Challenges to Cloud Security and Compliance—and How IaC Can Help

There are many challenges on the road to the goal of a super-efficient working relationship between DevOps and cloud security. Let’s take a look at 4 of those challenges & how security organizations can leverage Infrastructure-as-Code (IaC) templates to go from a reaction to a prevention culture.

4 min Industry Cyber-Exposure Report (ICER)

Rapid7's 2021 ICER Takeaways: Web Security Among the Fortune 500

There are very few security measures that should be applied to all web applications across the board without further subdividing what specific type of application we are referring to. However, there are a couple that we will examine here.

3 min DevSecOps

The Future is Friction-Free: Drive Innovation With DevOps + Security

How can DevOps and IT teams work and innovate in a friction-reduced or—we can all dream—a friction-free way?

3 min InsightIDR

What’s New in InsightIDR: Q1 2021 in Review

Back at the start of the year, we reflected on some of our 2020 InsightIDR product investments and took a look at what was ahead in 2021. As the first quarter of the year comes to a close, we wanted to offer a closer look at some of the recent updates and releases in InsightIDR.

3 min Alcide

Kubernetes Namespaces Are Not as Secure as You Think

A common misconception around namespaces is that they are truly separated. However, it is more likely to think of it as a police tape—you know it is there, but it is fairly easy to bypass it.