Posts tagged Detection and Response

1 min Detection and Response

[The Lost Bots] Episode 1: External Threat Intelligence

Welcome to The Lost Bots, a new vlog series where Rapid7 resident expert and former CISO, Jeffrey Gardner (virtually) sits down with fellow industry experts to spill the tea on current events and trends in the security space.

3 min Detection and Response

Accelerating SecOps and Emergent Threat Response with the Insight Platform

Efficiency and streamlined operations are two areas where our team will continue to focus efforts in order to deliver value across Rapid7’s growing best-in-class portfolio, while enabling cross capability experiences that improve security team effectiveness.

6 min Detection and Response

Why the Robot Hackers Aren’t Here (Yet)

Over the years, we’ve seen security in general and vulnerability discovery in particular move from a risky, shady business to massive corporate-sponsored activities with open marketplaces for bug bounties.

10 min Detection and Response

Securing the Supply Chain: Lessons Learned from the Codecov Compromise

This blog post is meant to provide the security community with defensive knowledge and techniques to protect against supply chain attacks involving continuous integration (CI) systems

4 min InsightIDR

What's New in InsightIDR: Q2 2021 in Review

We are thrilled to announce that Rapid7 has been named a Leader in the 2021 Gartner Magic Quadrant for SIEM. As the detection and response market becomes more competitive, we are honored to be recognized as one of the six 2021 Magic Quadrant Leaders named in this report.

16 min Detection and Response

Introducing the Manual Regex Editor in IDR’s Parsing Tool: Part 2

I will discuss here how to use Regex Editor mode, which assumes a general understanding of regular expression.

10 min Detection and Response

Introducing the Manual Regex Editor in IDR’s Parsing Tool: Part 1

New to writing regular expressions? No problem. In this two-part blog series, we’ll cover the basics of regular expressions and how to write regular expression statements (regex) to extract fields from your logs while using the custom parsing tool.

3 min Gartner

Once Again, Rapid7 Named a Leader in 2021 Gartner Magic Quadrant for SIEM

This is the second consecutive time our SaaS SIEM—InsightIDR—has been named a Leader in this report.

2 min Detection and Response

Automated remediation level 4: Actual automation

After the previous 3 steps—where we discussed everything from logging to best practices to account hygiene—it’s time to talk about the actions that really let you calibrate and control the kind of remediation you’re looking to get out of the process.

3 min Detection and Response

Automated remediation level 3: Governance and hygiene

The best way to mold a solution that makes sense for your company and cloud security is by adding actions that cause the fewest deviations in your day-to-day operations.

3 min Kill Chain

Kill Chains: Part 3→What’s next

As the final entry in this blog series, we want to quickly recap what we have previously discussed and also look into the possible future of kill chains.

2 min Detection and Response

CVE-2021-20025: SonicWall Email Security Appliance Backdoor Credential

The virtual, on-premises version of the SonicWall Email Security Appliance ships with an undocumented, static credential, which can be used by an attacker to gain root privileges on the device.

4 min Detection and Response

Attack Surface Analysis Part 3: Red and Purple Teaming

This is the third and final installment in our 2021 series around attack surface analysis. In this installment I’ll detail the final 2 analysis techniques—red and purple teaming.

2 min Detection and Response

Automated remediation level 2: Best practices

When it comes to automating remediation, the second level we’ll discuss takes a bit of additional planning. This is so that users will see little to no impact in the account fundamentals automation process.

6 min Detection and Response

Attack Surface Analysis Part 2: Penetration Testing

In this three-part series, we’ll explore key considerations and strategies for choosing an attack surface analysis strategy, and the ways it can be used to increase awareness of both technical and process-related risks.