Posts tagged Detection and Response

3 min Emergent Threat Response

PetitPotam: Novel Attack Chain Can Fully Compromise Windows Domains Running AD CS

Late last month (July 2021), security researcher Topotam published a proof-of-concept (PoC) implementation of a novel NTLM relay attack christened “PetitPotam.”

7 min Ransomware

The Ransomware Task Force: A New Approach to Fighting Ransomware

The Institute for Security and Technology put together a comprehensive Ransomware Task Force (RTF) to identify new approaches to shift the dynamics of ransomware and reduce opportunities for attackers.

1 min Extended Detection and Response

[The Lost Bots] Episode 2: Extended Detection and Response (XDR)

In this second episode, Jeffrey sits down with Dan Martin, a lead product manager for our platform at Rapid7, to discuss Extended Detection and Response (XDR).

1 min Detection and Response

[The Lost Bots] Episode 1: External Threat Intelligence

Welcome to The Lost Bots, a new vlog series where Rapid7 resident expert and former CISO, Jeffrey Gardner, (virtually) sits down with fellow industry experts to spill the tea on current events and trends in the security space.

4 min Extended Detection and Response

Rapid7 + XDR: Security that Moves as Fast as Your Business

Making threat detection and response as agile and simple as possible enables security professionals to focus their time and energy on the most critical incidents and the things that matter most.

3 min Detection and Response

Accelerating SecOps and Emergent Threat Response with the Insight Platform

Efficiency and streamlined operations are two areas where our team will continue to focus efforts in order to deliver value across Rapid7’s growing best-in-class portfolio, while enabling cross capability experiences that improve security team effectiveness.

6 min Detection and Response

Why the Robot Hackers Aren’t Here (Yet)

Over the years, we’ve seen security in general and vulnerability discovery in particular move from a risky, shady business to massive corporate-sponsored activities with open marketplaces for bug bounties.

10 min Detection and Response

Securing the Supply Chain: Lessons Learned from the Codecov Compromise

This blog post is meant to provide the security community with defensive knowledge and techniques to protect against supply chain attacks involving continuous integration (CI) systems.

4 min InsightIDR

What's New in InsightIDR: Q2 2021 in Review

We are thrilled to announce that Rapid7 has been named a Leader in the 2021 Gartner Magic Quadrant for SIEM. As the detection and response market becomes more competitive, we are honored to be recognized as one of the six 2021 Magic Quadrant Leaders named in this report.

16 min Detection and Response

Introducing the Manual Regex Editor in IDR’s Parsing Tool: Part 2

I will discuss here how to use Regex Editor mode, which assumes a general understanding of regular expressions.

10 min Detection and Response

Introducing the Manual Regex Editor in IDR’s Parsing Tool: Part 1

New to writing regular expressions? No problem. In this two-part blog series, we’ll cover the basics of regular expressions and how to write regular expression statements (regex) to extract fields from your logs while using the custom parsing tool.

3 min Gartner

Once Again, Rapid7 Named a Leader in 2021 Gartner Magic Quadrant for SIEM

This is the second consecutive time our SaaS SIEM—InsightIDR—has been named a Leader in this report.

2 min Detection and Response

Automated remediation level 4: Actual automation

After the previous 3 steps—where we discussed everything from logging to best practices to account hygiene—it’s time to talk about the actions that really let you calibrate and control the kind of remediation you’re looking to get out of the process.

3 min Detection and Response

Automated remediation level 3: Governance and hygiene

The best way to mold a solution that makes sense for your company and cloud security is by adding actions that cause the fewest deviations in your day-to-day operations.

3 min Kill Chain

Kill Chains: Part 3→What’s next

As the final entry in this blog series, we want to quickly recap what we have previously discussed and also look into the possible future of kill chains.