Posts tagged Reports

3 min Application Security

Application Security in 2022: Where Are We Now?

When Forrester put out The State of Application Security, 2022 report, we thought it was a great time to share where we think AppSec is headed.

Read Full Post

6 min Detection and Response

Rapid7 MDR Delivered 549% ROI via Headcount Avoidance, Time Savings, and Breach Risk Reduction

A Forrester Consulting study commissioned by Rapid7 found our MDR service delivered an estimated 549% return on investment over 3 years.

Read Full Post

4 min Ransomware

New Report Shows What Data Is Most at Risk to (and Prized by) Ransomware Attackers

"Pain Points: Ransomware Data Disclosure Trends" reveals a story of how ransomware attackers think, what they value, and how they apply pressure.

Read Full Post

3 min Ransomware

Complimentary GartnerⓇ Report "How to Respond to the 2022 Cyberthreat Landscape": Ransomware Edition

The complimentary GartnerⓇ report “How to Respond to the 2022 Cyberthreat Landscape"will help you understand and defend against the ransomware threat.

Read Full Post

3 min Cybersecurity

What's Changed for Cybersecurity in Banking and Finance: New Study

The results of a new VMware study show a changing landscape for cybersecurity in banking and finance.

Read Full Post

3 min Application Security

The 2021 OWASP Top 10 Have Evolved: Here's What You Should Know

In this post, we discuss the 2021 OWASP Top 10 and how the list is evolving alongside the web application security.

Read Full Post

3 min Detection and Response

SANS 2021 Threat Hunting Survey: How Organizations' Security Postures Have Evolved in the New Normal

The SANS Institute has conducted its sixth annual Threat Hunting Survey. Read this post for a preview of the survey's findings and its takeaways.

Read Full Post

2 min Cloud Security

Cloud Challenges in the Age of Remote Work: Rapid7’s 2021 Cloud Misconfigurations Report

The cloud has increased innovation, but it’s also impacted security risks. Our 2021 Cloud Misconfigurations Report takes a closer look at those risks.

Read Full Post

3 min Threat Intel

Rapid7 Threat Report: Q4 2017 Q4 Threat Report and 2017 Wrap-up

Welcome to Rapid7’s Q4 report, featuring our first annual threat report wrap-up! 2017 Quarterly Threat Report: Q4 and 2017 Wrap-Up Get the Full Report [https://www.rapid7.com/info/threat-report/2017-q4-threat-report] We could not have picked a better year to start doing this, as 2017 was one for the books. While we spent most of the year falling headfirst into a world where nation-state tools are available for anyone to use, the worm re-emerged (now evolved [/2017/06/27/petya-ransomware-explai

Read Full Post

3 min Vulnerability Management

Rapid7 Named a Leader in Forrester Wave for Vulnerability Risk Management

Today, we’re excited to announce a major milestone for InsightVM [https://www.rapid7.com/products/insightvm/]: Recognition as a Leader in The Forrester Wave™: Vulnerability Risk Management, Q1 2018, earning top scores in both the Current Offering and Strategy categories. We are proud of the achievement not only because of years of hard work from our product team, but also because we believe that it represents the thousands of days and nights spent working with customers to understand the challen

Read Full Post

4 min Threat Intel

Simplicity, Harmony, and Opportunity: Rapid7 Threat Report Q3 2017

John Archibald Wheeler, the theoretical physicist who first coined the term “wormhole” (and therefore brought us Deep Space 9) once listed Albert Einstein’s Three Rules of Work: > Out of clutter find simplicity; from discord find harmony; in the middle of difficulty lies opportunity. These rules seemed fitting for our third quarter threat report [https://www.rapid7.com/info/threat-report/2017-q3-threat-report/]. Q3 brought us plenty of clutter, discord, and difficulty, but in this threat repo

Read Full Post

2 min Cloud Infrastructure

[Cloud Security Research] Cross-Cloud Adversary Analytics

Introducing Project Heisenberg Cloud Project Heisenberg Cloud is a Rapid7 Labs research project with a singular purpose: understand what attackers, researchers and organizations are doing in, across and against cloud environments. This research is based on data collected from a new, Rapid7-developed honeypot framework called Heisenberg along with internet reconnaissance data from Rapid7's Project Sonar [https://sonar.labs.rapid7.com/?CS=blog]. Internet-scale reconnaissance with cloud-inspired a

Read Full Post

2 min Reports

Cyber security around the world - 8/5/14 - UK Information Security Breaches Survey

With so much happening in cyber security around the world lately, we're highlighting some of the interesting stories each week from across Europe, Middle East, Africa and Asia Pacific. This week we're in the United Kingdom where the 2014 Information Security Breaches Survey was launched at InfoSecurity Europe… United Kingdom The UK government has published the Information Security Breaches Survey [https://www.gov.uk/government/publications/information-security-breaches-survey-2014] every ye

Read Full Post

2 min Phishing

Stolen passwords - the no. 1 attack vector

The latest Verizon DBIR 2014 report [http://www.verizonenterprise.com/DBIR/2014/]published last week is clearly showing that the use of stolen credentials became the most common attack vector in 2013. In our upcoming webcast [http://information.rapid7.com/catch-me-if-you-can-webcast-registration.html], Matt Hathaway [https://community.rapid7.com/people/mhathawa] and I will discuss how user-based attacks are becoming the no. 1 "threat action" (in Verizon's words) and how organizations can detect

Read Full Post