Posts tagged Detection and Response

3 min Threat Intel

Rapid7 Threat Report Meets MITRE ATT&CK: What We Saw in 2019 Q1

The Q1 edition of our Quarterly Threat Report is unique because all investigated incidents have been mapped to the MITRE ATT&CK framework.

4 min InsightIDR

Why Deploying a SIEM Tool Doesn't Need to Be Complicated: A Pirate Story

Ahoy! In this Blackbeard-inspired blog, we will tell ye a tale of navigating your SS SIEM, InsightIDR, through the unpredictable waters of cybersecurity to reach Remediation Island.

2 min Research

Rapid7 Quarterly Threat Report: 2019 Q1

In our recent Quarterly Threat Report, we look at commonly targeted industries, the use of remote entry, and the most common phishing sites by industry.

3 min InsightIDR

Your Pocket Guide for Cloud SIEM Evaluation

In this post, we’ll quickly review five critical questions to help kick-start your cloud SIEM evaluation.

2 min Incident Response

4 Key Lessons from the Citycomp Data Breach

On April 30, 2019, Motherboard reported on a combined data breach and extortion attempt against Citycomp, a network and internet infrastructure firm based in Germany.

5 min InsightIDR

Capture the Flag: Red Team vs. Cloud SIEM

Here's how InsightIDR fared in a recent Capture the Flag (CTF) meetup with a special blue-team element.

3 min Rapid7 Perspective

How to Start a Career in Cybersecurity: From Stay-at-Home Mom to Security Pro-in-Training

My name is Carlota Bindner, and here is my story on how I went from being a stay-at-home mom and community volunteer to participating in Rapid7's Security Consultant Development Program.

4 min Incident Detection

Q4 Threat Report: Analyzing the Top 3 Advanced Threats and Detection Techniques

In this post, we’ll review three major findings based on data from Project Sonar, Project Heisenberg, and our Managed Detection and Response customer base, which leverages our security experts and InsightIDR to unify security data and identify compromises in real time.

4 min InsightIDR

Forrester Tech Tide for Detection and Response: Is 2019 the Year of Convergence?

Rapid7 was recently recognized for capabilities spanning security user behavior analytics, security analytics, deception technology, SOAR, and file integrity monitoring.

3 min InsightIDR

Utilize File Integrity Monitoring to Address Critical Compliance Needs

To help organizations address their compliance auditing needs, we are excited to introduce file integrity monitoring (FIM) for InsightIDR.

2 min Research

Rapid7 Quarterly Threat Report: Q4 and 2018 Wrap-Up

In our 2018 Q4 Threat Report, we look at our custom Attacker Behavior Analytics rules, examine some new threats we’ve seen this year, and provide some steps to help you secure your organization.

3 min Incident Detection

How to Alert on Rogue DHCP Servers

This post shows how to alert on rogue DHCP servers using network traffic as a data source, and how to use Wireshark or LANGuardian to find the DHCP servers that are actually answering on your network.
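The detection that post describes, as an added example rather than code from the Rapid7 post, Wireshark, or LANGuardian: the script below parses DHCP messages from the BOOTP header and option fields, and raises an alert on any OFFER or ACK whose UDP source address or option-54 server identifier is not on an approved list. The approved server (10.0.0.1), the rogue (10.0.0.99), and every packet are constructed for the demonstration; the Wireshark field names are my assumption from Wireshark 3.x and should be checked against your build.

```python
"""Rogue DHCP server detection run over constructed DHCP messages.

Added example, not code from the Rapid7 post, Wireshark or LANGuardian.
The approved-server list and every packet below are constructed.
"""
import struct
from ipaddress import IPv4Address

BOOTREQUEST, BOOTREPLY = 1, 2
DHCP_MAGIC = b"\x63\x82\x53\x63"           # magic cookie after the 236-byte BOOTP header
OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 53, 54, 255
DHCPDISCOVER, DHCPOFFER, DHCPACK = 1, 2, 5
SERVER_MSG_TYPES = {DHCPOFFER: "OFFER", DHCPACK: "ACK"}   # only a server sends these


def build_dhcp_message(op, msg_type, yiaddr="0.0.0.0", server_id=None, xid=0x1234ABCD):
    """Construct a minimal BOOTP/DHCP message carrying options 53 and (optionally) 54."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        op, 1, 6, 0, xid, 0, 0,
        b"\0" * 4,                                 # ciaddr
        IPv4Address(yiaddr).packed,                # yiaddr: address being offered/acked
        b"\0" * 4, b"\0" * 4,                      # siaddr, giaddr
        b"\0" * 16, b"\0" * 64, b"\0" * 128,       # chaddr, sname, file
    )
    options = bytes([OPT_MSG_TYPE, 1, msg_type])
    if server_id is not None:
        options += bytes([OPT_SERVER_ID, 4]) + IPv4Address(server_id).packed
    return header + DHCP_MAGIC + options + bytes([OPT_END])


def parse_dhcp_options(payload):
    """Return {code: value} for the DHCP options in payload, or None if it is not DHCP.
    Truncated options stop parsing instead of raising, so a malformed packet
    cannot crash the detector."""
    if len(payload) < 240 or payload[236:240] != DHCP_MAGIC:
        return None
    options, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == OPT_END:
            break
        if code == 0:                  # pad byte, no length field
            i += 1
            continue
        if i + 1 >= len(payload):      # option code with no length byte
            break
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) < length:        # option body cut short
            break
        options[code] = value
        i += 2 + length
    return options


def find_rogue_dhcp_servers(packets, approved_servers):
    """packets: iterable of (udp_source_ip, dhcp_payload) as taken from a capture.
    Alerts on any OFFER/ACK whose UDP source *or* option-54 server identifier is
    not an approved server, so a rogue that spoofs the real server's identifier
    is still caught by its source address."""
    approved = {IPv4Address(a) for a in approved_servers}
    alerts = []
    for src_ip, payload in packets:
        options = parse_dhcp_options(payload)
        if options is None or payload[0] != BOOTREPLY:
            continue                   # not DHCP, or a client-originated message
        msg_type = options.get(OPT_MSG_TYPE)
        if not msg_type or msg_type[0] not in SERVER_MSG_TYPES:
            continue
        src = IPv4Address(src_ip)
        raw_sid = options.get(OPT_SERVER_ID)
        server_id = IPv4Address(raw_sid) if raw_sid and len(raw_sid) == 4 else None
        if src in approved and server_id in approved:
            continue
        alerts.append({
            "msg_type": SERVER_MSG_TYPES[msg_type[0]],
            "src_ip": str(src),
            "server_id": str(server_id) if server_id else None,
            "offered": str(IPv4Address(payload[16:20])),   # yiaddr
        })
    return alerts


def wireshark_display_filter(approved_servers):
    """Equivalent Wireshark filter for the option-54 half of the rule (dhcp.* field
    names assumed from Wireshark 3.x; confirm against your build). It does not
    check the UDP source, so pair it with ip.src to cover the spoofing case."""
    members = " ".join(sorted(approved_servers))
    return ("(dhcp.option.dhcp == 2 || dhcp.option.dhcp == 5) && "
            f"!(dhcp.option.dhcp_server_id in {{{members}}})")


# Constructed sample traffic: one legitimate server at 10.0.0.1 and a rogue at 10.0.0.99.
APPROVED_SERVERS = {"10.0.0.1"}
SAMPLE_PACKETS = [
    ("0.0.0.0", build_dhcp_message(BOOTREQUEST, DHCPDISCOVER)),                          # client, ignored
    ("10.0.0.1", build_dhcp_message(BOOTREPLY, DHCPOFFER, "10.0.0.50", "10.0.0.1")),      # legitimate
    ("10.0.0.99", build_dhcp_message(BOOTREPLY, DHCPOFFER, "192.168.1.20", "10.0.0.99")), # rogue
    ("10.0.0.99", build_dhcp_message(BOOTREPLY, DHCPACK, "10.0.0.50", "10.0.0.1")),       # rogue spoofing option 54
]

if __name__ == "__main__":
    for alert in find_rogue_dhcp_servers(SAMPLE_PACKETS, APPROVED_SERVERS):
        print("ROGUE DHCP", alert)
    print(wireshark_display_filter(APPROVED_SERVERS))
```

In a real deployment the `(src_ip, payload)` pairs come from the UDP/67 and UDP/68 traffic in a capture or span-port feed; the two checks are deliberately separate because a rogue that copies the legitimate server's identifier into option 54 still has to send from its own address, which is the case the fourth sample packet exercises.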

4 min SIEM

SOC, SIEM, or MDR? How to Choose the Right Options for Your Infosec Program

Choosing between building an in-house SOC, utilizing a SIEM, or outsourcing to an MDR provider? Learn from three peers on how they made their decision.

3 min Breach Response News

PHP Extension and Application Repository (PEAR) Compromise: What You Need to Know

According to the PHP Extension and Application Repository (PEAR), a security breach had been found on the `pear.php.net` web server.

7 min Incident Response

Windows Event Forwarding: The Best Thing You’ve Never Heard Of

This blog post will discuss how to get logs into your SIEM and create custom alerts to detect certain behaviors in those logs.