Posts tagged Insight platform

3 min Vulnerability Management

Defining Vulnerability Risk Management (and How to Build a Modern VRM Program)

Once upon a time (just a handful of years ago), vulnerability management [https://www.rapid7.com/solutions/vulnerability-management/] programs focused solely on servers, running quarterly scans that targeted only critical systems. But that was then, and you can’t afford such a limited view in the now. Truth is, vulnerability exploitation now happens indiscriminately across the modern attack surface—from local and remote endpoints to on-prem and cloud infrastructure to web applications and con

5 min Insight platform

How Rapid7 Customer Hilltop Holdings Integrates Security Tools for a Multi-Layered Approach

We interviewed Hilltop Holdings' director of security operations about how his organization approaches multi-level security in the financial industry.

8 min AWS

Automating the Cloud: AWS Security Done Efficiently

Today, we are going to be installing software on all your existing EC2 instances across several (or all!) accounts under an organization in AWS.

2 min Insight platform

Integrating Access to Rapid7 Insight Platform Applications with Your Existing SSO Identity Provider

We are introducing a new capability into the Rapid7 Insight platform to enable what is commonly referred to as identity provider-initiated login

14 min Insight platform

Automate Insight Agent Deployment in AWS

Hello, fellow nerds! Today, I am going to walk you through deploying the Rapid7 Insight Agent in your AWS environment(s).

4 min InsightVM

Automate to Accelerate: Introducing Security Orchestration and Automation on the Rapid7 Insight Platform

Rapid7 is proud to officially announce orchestration and automation on our Insight platform, with automation taking shape in a number of existing products and our new SOAR offering, Rapid7 InsightConnect.

3 min Azure

Azure Security Center and Active Directory Now Integrate with the Rapid7 Platform

Today, we announced [https://www.rapid7.com/about/press-releases/rapid7-integrates-with-microsoft-azure/] continued, more comprehensive development of the integration between the Rapid7 Insight platform [https://www.rapid7.com/products/insight-platform/] and Microsoft Azure. A new integration with Azure Security Center makes it easy to deploy the Rapid7 unified Insight Agent across new and existing Azure Virtual Machines. This automated deployment enables InsightVM customers to maintain consta

4 min Customer Perspective

Why Bow Valley College Gives Rapid7 InsightVM High Marks for Vulnerability Management

Bow Valley College uses InsightVM dashboards to identify quick wins, measure success, and communicate to senior leadership. James Cairns, database administrator at Bow Valley College, gave us a look into their vulnerability management journey with Rapid7. It’s my job to assess vulnerabilities, facilitate patching, and work with the rest of my infrastructure team to optimize our resources in order to stay on top of security issues. As the database administrator for Bow Valley College in Calgary,

5 min Breach Preparedness

Phishing Attacks Duping Your Users? Here’s a Better Anti-Phishing Strategy.

You’ve hired the best of the best and put up the right defenses, but one thing keeps slipping in the door: phishing emails. Part of doing business today, unfortunately, is dealing with phishing attacks [https://www.rapid7.com/fundamentals/phishing-attacks/]. Few organizations are immune to phishing anymore; it’s on every security team’s mind and has become the number one threat to organizations [https://www.sans.org/reading-room/whitepapers/analyst/2017-threat-landscape-survey-users-front-line-3

2 min Application Security

New InsightAppSec Releases: Compliance Reports and the AppSec Toolkit

Things are always brewing in Rapid7 product development. Today, we’re excited to announce several exciting new features in InsightAppSec, our cloud-powered application security testing solution for modern web apps [https://www.rapid7.com/products/insightappsec/]. These include: * Custom reports for PCI, HIPAA, SOX, and OWASP 2017 compliance requirements * PDF report generation * The Rapid7 AppSec Toolkit * Macro Recorder * Traffic Viewer * RegEx Builder * Swagger/Rest API Utilit

1 min Whiteboard Wednesday

Whiteboard Wednesday: How to Implement A Phishing Awareness Training Plan in 5 Steps

There’s no silver bullet to combating protecting your organization from phishing attacks [https://www.rapid7.com/solutions/phishing-protection/] today. The only comprehensive approach leverages a combination of methods, many of which we’ve covered in parts 1 [https://www.rapid7.com/resources/wbw-anti-phishing/] and 2 [https://www.rapid7.com/resources/wbw-phishing-protection/] of our three-part phishing Whiteboard Wednesday series. Phishing is a human problem, and part of the solution is to prop

3 min Phishing

Identify, Analyze, and Report Phishing Emails With InsightPhishing: Getting Started

Starting March 1, 2019, Rapid7 will no longer offer or support InsightPhishing, and the beta program will end. Click here [https://kb.help.rapid7.com/docs/insightphishing-end-of-program-announcement] for more information. We often talk about running phishing simulation campaigns as a way of training our teams on what phishing emails look like. Given that 92% of breaches [http://www.verizonenterprise.com/resources/reports/rp_data-breach-digest-2017-perspective-is-reality_xg_en.pdf] have a thre

1 min Honeypots

Whiteboard Wednesday: Your 6-Minute Recap of Q1 2018’s Threat Landscape

Gotten a chance to read Rapid7’s Quarterly Threat Report for 2018 Q1 [https://www.rapid7.com/info/threat-report/2018-q1-threat-report/]? If not (or if you’re more of an auditory learner), we’ve put together a 6-minute recap video of the major findings. In our Quarterly Threat Reports [https://www.rapid7.com/info/threat-report/], our security researchers provide a wide-angle view of the threat landscape by leveraging intelligence from the Rapid7 Insight platform [https://www.rapid7.com/products/

2 min DevOps

Introducing InsightOps: A New Approach to IT Monitoring and Troubleshooting

Today we are announcing the general availability of a brand new solution: Rapid7 InsightOps [https://www.rapid7.com/products/insightops/]. This latest addition to the Insight platform continues our mission to transform data into answers, giving you the confidence and control to act quickly. InsightOps is Rapid7's first IT-specific solution, enabling users to centralize data from infrastructure, assets and applications, so they can monitor and troubleshoot operational issues [https://www.rapid7.

2 min Metasploit

Protecting Your Web Apps with AppSpider Defend Until They Can Be Patched

AppSpider [https://rapid7.com/products/appspider/] scans can detect exploitable vulnerabilities in your applications, but once these vulnerabilities are detected how long does it take your development teams to create code fixes for them?  In some cases it could take several days to weeks before a fix/patch to resolve the vulnerability can be deployed, and during this time someone could be actively exploiting this issue in your application.  AppSpider Defend, which is now integrated into AppSpide