7 min
Research
Stories from the SOC Part 2: MSIX Installer Utilizes Telegram Bot to Execute IDAT Loader
In part one of our blog series, we discussed how a Rust based application was used to download and execute the IDAT Loader. In part two of this series, we will be providing analysis of how an MSIX installer led to the download and execution of the IDAT Loader.
5 min
Managed Detection and Response (MDR)
What’s New in Rapid7 Products & Services: Q1 2024 in Review
We kicked off 2024 with a continued focus on bringing security professionals the tools and functionality needed to anticipate risks, pinpoint threats, and respond faster with confidence.
10 min
Malware
Stories from the SOC Part 1: IDAT Loader to BruteRatel
Rapid7’s Managed Detection and Response (MDR) team continuously monitors our customers' environments, identifying emerging threats and developing new detections.
7 min
Incident Response
RCE to Sliver: IR Tales from the Field
Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.
3 min
Digital Risk Protection (DRP)
Four Key Benefits of Rapid7’s New Managed Digital Risk Protection Service
Cybercrime has boomed to the third largest economy in the world behind the US and China, with much of the most nefarious behavior on the dark web. Monitoring it effectively can be the key to identifying the earliest signals of an attack – and the difference between a minor event and a major breach.
2 min
Security Operations (SOC)
Attackers are Working Around The Clock. Luckily, So Are We.
With the average cost of a breach at an all time high of $4.45 million, there’s an undeniable need for teams to enlist the right experts to quickly eradicate threats.
4 min
MSSP
When Maximum Effort Doesn't Equate to Maximum Results
It’s no secret that security teams are feeling beleaguered as a result of the barrage of data, events, and alerts generated by their security tools, increased budget scrutiny and constrained staff resources.
2 min
Managed Detection and Response (MDR)
Proactively Prevent Breaches with Expanded Endpoint Protection in Rapid7 MDR
Rapid7 has expanded Managed Threat Complete to include native NGAV and DFIR powered by our universal Insight Agent.
3 min
DFIR
Unlock Broader Detections and Forensics with Velociraptor in Rapid7 XDR
Rapid7 is excited to announce the integration of Velociraptor, our leading open-source DFIR framework, into the Insight Platform for InsightIDR Ultimate users — all with no additional deployment or configurations required.
7 min
Emergent Threat Response
Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs
Rapid7’s managed detection and response (MDR) teams have observed increased threat activity targeting Cisco ASA SSL VPN appliances (physical and virtual) dating back to at least March 2023, including several incidents that ended in ransomware deployment.
3 min
Managed Detection and Response (MDR)
Healthcare Orgs: Do You Need an Outsourced SOC?
Learn how your healthcare organization can benefit from cybersecurity managed services and an outsourced SOC.
5 min
Managed Detection and Response (MDR)
Rapid7 Recognized as a Strong Performer in The Forrester Wave™ for MDR, Q2 2023
Rapid7 is proud to be recognized amongst the top 13 vendors, as a Strong Performer, in The Forrester WaveTM: Managed Detection and Response, Q2 2023.
4 min
Managed Detection and Response (MDR)
Three Takeaways from the Gartner® Market Guide for Managed Detection and Response Services
We are proud to offer this complimentary Gartner® Market Guide for Managed Detection and Response for businesses of all sizes.
1 min
Managed Detection and Response (MDR)
[The Lost Bots] S03E02: Finding unknowns, even spy balloons
Rapid7 Detection and Response Practice Advisor Jeffery Gardner and co-host Stephen Davis, Lead Technical Customer Advisor for MDR, discuss spy balloons and cybersecurity.
2 min
Managed Threat Complete
The Next Generation of Managed Detection and Response is Here
Managed Threat Complete: It’s always-on MDR plus unlimited vulnerability management with a single subscription.