Posts tagged Detection and Response

3 min Detection and Response

Kill Chains: Part 1→Strategic and operational value

More recently, the term has been conscripted by the cybersecurity world to help businesses and security organizations go on the offensive, ensuring there are no gaps in their mitigation strategies and that their threat-hunting processes are sound.

3 min Emergent Threat Response

Want to stay ahead of emerging threats? Here’s how.

A key question security organizations should ask themselves with regard to emerging threats: Are the systems we have logging the correct information?

2 min Cloud Security

Top Challenges for Security Analytics and Operations, and How a Cloud-Based SIEM Can Help

To keep up and combat key security operations challenges, many organizations are making the move to the cloud for broader, more flexible detection and response coverage of their ever-changing security environments.

6 min Managed Detection and Response (MDR)

MDR Vendor Must-Haves, Part 9: Assigned Analyst Pods and Security Program Advisors

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.”

5 min Managed Detection and Response (MDR)

MDR Vendor Must-Haves, Part 8: Rapid7 Incident Response (Breach) Support

Having the best threat detection methodologies, a streamlined and efficient process for validating threats, and a rock-solid reporting standard may still leave you open to unexpected costs.

4 min Phishing

How to Turbocharge Your Phishing Response Plan

A quick reaction to a phishing threat can mean the difference between a massive breach and a fast fix.

5 min

MDR Vendor Must-Haves, Part 7: Managed Response Actions

Security teams face unprecedented challenges as the threat landscape expands in scope and complexity. Protecting the organization in today’s environment has led to analyst fatigue, with many organizations struggling to respond to both user and host threats in a timely manner.

2 min Managed Detection and Response (MDR)

MDR Vendor Must-Haves, Part 4: Ingestion of Authentication Data Across Local, Domain, and Cloud Sources

There isn’t a single threat or breach that doesn’t involve attackers using legitimate credentials to cause harm.

3 min Managed Detection and Response (MDR)

MDR Vendor Must-Haves, Part 2: Ingestion of Network Device Data

One area that can offer incredible benefits in a Managed Detection and Response provider is the ingestion of network device data.

4 min Detection and Response

Attack vs. Data: What You Need to Know About Threat Hunting

While the definition of threat hunting may be straightforward—proactively hunting for threats—the reality of implementing a threat-hunting program is a bit more complicated, as there are different threat-hunting methodologies to choose from.

18 min Zero-Day

Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange

In recent weeks, there has been quite a lot of reporting on the exploitation of the latest disclosed vulnerabilities in Microsoft’s Exchange Server by an attacker referred to as HAFNIUM.

6 min SOAR

SOC Automation with InsightIDR and InsightConnect

It may not be a surprise that automating your security operations will augment your team’s skills and expertise to detect and respond to threats with super speed.

1 min Detection and Response

InsightIDR’s NTA Capabilities Expanded to AWS

We’re excited to announce we have expanded the Network Traffic Analysis (NTA) capabilities in InsightIDR to support Amazon Web Services (AWS) environments.

2 min InsightIDR

How to Combat Alert Fatigue With Cloud-Based SIEM Tools

Fortunately, there’s a way to get the visibility your team needs and streamline alerts: leveraging a cloud-based SIEM.

2 min Cloud Infrastructure

Why More Teams are Shifting Security Analytics to the Cloud This Year

As the threat landscape continues to evolve in size and complexity, so does the security skills and resource gap, leaving organizations both understaffed and overwhelmed.