Posts tagged Compliance

2 min InsightCloudSec

Introducing InsightCloudSec

Rapid7 is proud to announce our next step in helping to drive cloud security forward: InsightCloudSec.

3 min DevOps

Creating coefficiency: DevOps, Security, and Compliance

The ultimate goal on the security horizon is, of course, to prevent risks and misconfigurations before runtime. This won’t always happen, but teams can still get into a rhythm where runtime mistakes become the exception rather than the rule.

3 min InsightIDR

Utilize File Integrity Monitoring to Address Critical Compliance Needs

To help organizations address their compliance auditing needs, we are excited to introduce file integrity monitoring (FIM) for InsightIDR.

3 min InsightVM

Did You Remediate That? How to Use the InsightVM Policy Compliance Status Report to Measure Benchmark Configurations

Reports within InsightVM can help you demonstrate whether your systems stand up against compliance requirements.

4 min Incident Response

CIS Critical Security Control 19: Steps for Crafting an Efficient Incident Response and Management Strategy

An effective incident response plan helps you quickly discover attacks, contain the damage, eradicate the attacker's presence, and restore the integrity of your network and systems.

4 min Compliance

Lessons from the Philippines’ Specific Approach to Data Privacy

Many parallels can be drawn between the Philippines Data Protection Act and GDPR, but there are some nuances between the two laws—and one massive difference.

4 min GDPR

GDPR Preparation March and April: Course Correct

Wow, how did March just happen? Living in a country that just fell apart like a clown car because of snow, it’s still feeling decidedly wintery here in the UK, and as a weather-obsessed Brit I am fully looking forward to sunnier times. You know, that single day sometime in August. By that time, we’ll have crossed the border into the brave new world of the General Data Protection Regulation (GDPR) [https://www.rapid7.com/solutions/compliance/gdpr/], and like many of you, I am curious as to what t

3 min GDPR

Tonight I'm gonna IR like it's 99 (days until GDPR)…

Sorry Nena, it was going to be you or Prince that was going to get the headline, and whilst 99 Red Balloons [https://www.youtube.com/watch?v=HZ1TQYjCwYc] is a catchy 80’s classic, I had to give credit to His Royal Purpleness [https://www.youtube.com/watch?v=rblt2EtFfC4]. It was that or pay tribute to a childhood favourite vanilla ‘whippy’ ice cream, adorned with a Cadbury’s Flake, but I’m not so sure that would resonate so well with a global audience. “Why 99?”, you may ask. Why not a nice roun

3 min Compliance

HIPAA Security Compliance Fallacies (And How To Avoid Them)

Health Insurance Portability and Accountability Act (HIPAA) compliance hasn’t been what I thought it was going to be. When I first started out as an independent security consultant, I was giddy over the business opportunities that I just knew HIPAA compliance was going to bring. Around that time, I learned something from sales expert, Jeffrey Gitomer, that has had a profound impact on my career. He said that if you work for yourself and are in sales, which I am, that you must write and speak if

3 min Compliance

An Open Letter to the Office of the Australian Information Commissioner

Dear OAIC,
I love your website. I really, really, really, really, REALLY love your website. It is brilliant. Thank you.
Warm regards,
Samantha Humphries
Rapid7 Senior Manager, Global Markets & Compliance
Glad I’ve got that off my chest. I should probably elaborate on my feelings, not just because our community manager might think I’ve finally lost my remaining marbles and she has to approve this blog, but because I want you to love their website [https://www.oaic.gov.au/] too, especially if

4 min GDPR

February – Test & Take Note

Well, if there’s one good thing to say about February, especially for those of us deep in the bowels of winter, it’s that January is finally behind us. However, it does bring the impending GDPR compliance [https://www.rapid7.com/solutions/compliance/gdpr/] date ever closer. February 25th 2018 marks the three month deadline, so there really isn’t much time left to get your GDPR houses nicely in order. We’ve been posting regular blogs on the subject for four months now, and if you’ve been followin

4 min GDPR

GDPR Preparation Checklist: January – Teach and Tidy

New year, new things to think about when it comes to your GDPR compliance [https://www.rapid7.com/solutions/compliance/gdpr/] preparations. Hopefully your GDPR project is in full swing by now. If it’s not, then you do really need to be getting your skates well and truly on. Do take a look through our November [/2017/11/14/gdpr-preparation-november-form-storm/] and December [/2017/12/04/gdpr-compliance-checklist-december-assess-review/] preparation blogs for ideas on how to get going. As of Janua

4 min Incident Response

Prepare for Battle: Let’s Build an Incident Response Plan (Part 4)

This is not a drill. In this final installment, read our recommendations for handling a real incident. Whether opportunistic or targeted, here's what you should be thinking about.

4 min Incident Response

Prepare for Battle: Let’s Build an Incident Response Plan (Part 3)

Now, it’s time for the fun stuff. While an incident response plan review may feel like practicing moves on a wooden dummy, stress testing should feel more like Donnie Yen fighting ten people for bags of rice in Ip Man.

4 min Incident Response

Prepare for Battle: Let’s Build an Incident Response Plan (Part 2)

In Part 1, we covered key considerations when drafting an incident response plan. Here, we'll cover the best way to get buy-in from key company stakeholders...