Posts tagged SecOps

4 min DevSecOps

Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity

Let’s take a look at some key insights on current industry efforts to more closely integrate DevOps and SecOps—and how you can plot your best path forward.

3 min Vulnerability Management

Defining Vulnerability Risk Management (and How to Build a Modern VRM Program)

Once upon a time (just a handful of years ago), vulnerability management [https://www.rapid7.com/solutions/vulnerability-management/] programs focused solely on servers, running quarterly scans that targeted only critical systems. But that was then, and you can’t afford such a limited view in the now. Truth is, vulnerability exploitation now happens indiscriminately across the modern attack surface—from local and remote endpoints to on-prem and cloud infrastructure to web applications and con

4 min AWS

Seeing Security Scale: Rapid7’s Recap of AWS re:Invent 2018

In this post, I will detail my time at AWS re:Invent and provide observations about how security plays a role in our cloud journey.

3 min Incident Detection

Rapid7 Leads All 'Strong Performers' in 2018 Forrester Wave for Emerging MSSPs

We’re proud to be recognized in the Forrester Wave as the leader in the “Strong Performer” category and to score second highest overall current offering for our Managed Security Services.

3 min Azure

Azure Security Center and Active Directory Now Integrate with the Rapid7 Platform

Today, we announced [https://www.rapid7.com/about/press-releases/rapid7-integrates-with-microsoft-azure/] continued, more comprehensive development of the integration between the Rapid7 Insight platform [https://www.rapid7.com/products/insight-platform/] and Microsoft Azure. A new integration with Azure Security Center makes it easy to deploy the Rapid7 unified Insight Agent across new and existing Azure Virtual Machines. This automated deployment enables InsightVM customers to maintain consta

3 min Application Security

In Our Customers’ Words: Why Mastering Application Security Basics Matters

In a recent conversation with a Rapid7 application security customer, I was reminded how much of a security practitioner’s day can be consumed by troubleshooting buggy tools and manually executing the same tasks over and over again (needlessly, may I add). As much as we’d like to think that security professionals’ time is being efficiently utilized, oftentimes inadequate tools, a lack of automation, and organizational silos impede SecOps-driven [https://www.rapid7.com/solutions/secops/] progress

4 min Vulnerability Management

3 Steps to Clear the Fog: Improving Vulnerability Remediation Visibility with InsightVM

The moment you send a vulnerability report to your IT team, you want assurance that it’s being worked on—especially if there are critical vulnerabilities. You also want to be sure issues are prioritized in the right way so that deadlines are met. Often, however, this is not the reality. With different processes and tools in place, it’s difficult to align security and IT teams for effective vulnerability remediation [https://www.rapid7.com/products/insightvm/use-cases/work-better-with-it-and-devo

2 min InsightVM

Rapid7 InsightVM Named Best Vulnerability Management Solution by SC Magazine

SC Media has announced the 2018 SC Awards and (drumroll, please…) InsightVM [https://www.rapid7.com/products/insightvm/] is proud to take top honors as Best Vulnerability Management Solution in the Trust Awards category. Our team works tirelessly day in and day out to bring SecOps best practices [https://www.rapid7.com/solutions/secops/] to our customers, help our customers secure their modern networks, and work across teams to solve their trickiest problems. It means the world to us when th

4 min DevOps

How DevOps Can Use Quality Gates for Security Checks

Your team has been working at all hours to put the final touches on code for a new big feature release. All the specs are in, the feature works as expected, and the code is pushed to production. A few hours later, the daily security scan runs and the alerts start piling in. What went wrong? And what do you do now? Typically when this happens, it means rolling back the entire deployment, retroactively fixing the bugs and vulnerabilities in the code, and a week or two later, re-deploying. If you’