3 min
InsightIDR
InsightIDR Now Supports Multi-Factor Auth and Data Archiving
InsightIDR is now part of the Rapid7 platform. Learn more about our platform vision and how it enables you to have the SIEM solution you've always wanted.
2 min
InsightIDR
Want to try InsightIDR in Your Environment? Free Trial Now Available
InsightIDR, our SIEM powered by user behavior analytics, is now available to try in your environment. This post shares how it can help your security team.
4 min
InsightIDR
PCI DSS Dashboards in InsightIDR: New Pre-Built Cards
No matter how much you mature your security program
[https://www.rapid7.com/fundamentals/security-program-basics/] and reduce the
risk of a breach, your life includes the need to report across the company, and
periodically, to auditors. We want to make that part as easy as possible.
We built InsightIDR [https://www.rapid7.com/products/insightidr/] as a SaaS SIEM
[https://www.rapid7.com/solutions/siem/] on top of our proven User Behavior
Analytics (UBA) [https://www.rapid7.com/solutions/user-beh
2 min
InsightIDR
More Answers, Less Query Language: Bringing Visual Search to InsightIDR
Sitting down with your data lake and asking it questions has never been easy. In
the infosec world, there are additional layers of complexity. Users are bouncing
between assets, services, and geographical locations, with each monitoring silo
producing its own log files and slivers of the complete picture.
From a human perspective, distilling this data requires two unique skillsets:
* Incident Response [https://www.rapid7.com/fundamentals/incident-response/]:
Is this anomalous activity a fa
8 min
SIEM
Incident Detection and Investigation - How Math Helps But Is Not Enough
I love math. I am even going to own up to having been a "mathlete" and looking
forward to the annual UVM Math Contest
[http://www.emba.uvm.edu/~lkost/UVM_Contest/uvm_contest.html] in high school. I
pursued a degree in engineering, so I can now more accurately say that I love
applied mathematics, which has a much different goal than pure mathematics.
Taking advanced developments in pure mathematics and applying them to various
industries in a meaningful manner often takes years or decades. In th
5 min
SIEM
12 Days of HaXmas: Rudolph the Machine Learning Reindeer
Merry HaXmas to you! Each year we mark the 12 Days of HaXmas [/tag/haxmas/] with
12 blog posts on hacking-related topics and roundups from the year. This year,
we're highlighting some of the “gifts” we want to give back to the community.
And while these gifts may not come wrapped with a bow, we hope you enjoy them.
Sam the snowman taught me everything I know about reindeer [disclaimer: not
actually true], so it only seemed logical that we bring him back to explain the
journey of machine learni
4 min
User Behavior Analytics
SIEM Tools Aren't Dead, They're Just Shedding Some Extra Pounds
Security Information and Event Management (SIEM) is security's Schrödinger's
cat. While half of today's organizations have purchased SIEM tools
[https://rapid7.com/fundamentals/siem-tools/], it's unknown if the tech is
useful to the security team… or if its heart is even beating or deployed. In
response to this pain, people, mostly marketers, love to shout that SIEM is
dead, and analysts are proposing new frameworks with SIEM 2.0/3.0, Security
Analytics
[https://www.forrester.com/report/Vendor+L
4 min
SIEM
Cyber Threat Intelligence: How Do You Incorporate it in Your InfoSec Strategy?
In the age of user behavior analytics
[https://www.rapid7.com/solutions/user-behavior-analytics.jsp?CS=blog], next-gen
attacks, polymorphic malware, and reticulating anomalies, is there a time and
place for threat intelligence? Of course there is! But – and it seems there is
always a 'but' with threat intelligence – it needs to be carefully applied and
managed so that it truly adds value and not just noise. In short, it needs to
actually be intelligence, not just data, in order to be valuable to
4 min
SIEM
Displace SIEM "Rules" Built for Machines with Custom Alerts Built For Humans
If you've ever been irritated with endpoint detection being a black box and SIEM
[https://www.rapid7.com/solutions/siem.jsp?CS=blog] detection putting the entire
onus on you, don't think you had unreasonable expectations; we have all wondered
why solutions were only built at such extremes. As software has evolved and our
base expectations with it, a lot more people have started to wonder why it
requires so many hours of training just to make solutions do what they are
designed to do. Defining a
3 min
Vulnerability Management
Warning: This blog post contains multiple hoorays! #sorrynotsorry
Hooray for crystalware!
I hit a marketer's milestone on Thursday – my first official award ceremony,
courtesy of the folks at Computing Security Awards
[http://computingsecurityawards.co.uk/], which was held at The Cumberland Hotel
in London. Staying out late on a school night when there's a 16-month-old
teething toddler in the house definitely took its toll the following morning,
but the tiredness was definitely softened by the sweet knowledge that we'd left
the award ceremony brandishing som
4 min
SIEM
Demanding More from Your SIEM Tools [Webcast Summary]
Do you suffer from too many vague and un-prioritized incident alerts? What about
ballooning SIEM [https://www.rapid7.com/solutions/siem.jsp?CS=blog] data and
deployment costs as your organization expands and ingests more data? You're not
alone. Last week, over a hundred infosec folks joined us live for Demanding
More out of Your SIEM
[https://information.rapid7.com/demanding-more-out-of-your-siem.html?CS=blog].
Content Shared in the Webcast
In Gartner's Feb 2016, “Security Information and Even
4 min
Nexpose
InsightIDR & Nexpose Integrate for Total User & Asset Security Visibility
Rapid7's Incident Detection and Response
[https://www.rapid7.com/solutions/incident-detection/] and Vulnerability
Management [https://www.rapid7.com/solutions/vulnerability-management.jsp]
solutions, InsightIDR [https://www.rapid7.com/products/insightidr/] and Nexpose
[https://www.rapid7.com/products/nexpose/], now integrate to provide visibility
and security detection across assets and the users behind them. Combining the
pair provides massive time savings and simplifies incident investigation
5 min
SIEM
SIEM Solutions Don't Detect Attacks, Custom Code And Advanced Analysts Do
This post is the fifth in a series examining the roles of search and analytics
in the incident-detection-to-response lifecycle. To read the first four, click
here [/2015/10/21/search-will-always-be-a-part-of-incident-investigations], here
[/2015/10/29/whether-or-not-siem-died-the-problems-remain], here
[/2015/11/05/investigating-an-incident-doesnt-end-at-the-perimeter], and here
[/2015/11/11/making-sure-search-is-not-your-incident-response-bottleneck].
While a lot of people may think it's a co
3 min
User Behavior Analytics
[Q&A] User Behavior Analytics as Easy as ABC Webcast
Earlier this week, we had a great webcast all about User Behavior Analytics
[https://www.rapid7.com/solutions/user-behavior-analytics.jsp?cs=blog] (UBA). If
you'd like to learn why organizations are benefiting from UBA, including how it
works, top use cases, and pitfalls to avoid, along with a demo of Rapid7
InsightIDR, check out on-demand: User Behavior Analytics: As Easy as ABC
[https://information.rapid7.com/uba-as-easy-as-abc.html] or the UBA Buyer's
Tool Kit
[https://information.rapid7.com/
3 min
SIEM
Hide and Seek: Three Unseen Costs in Your SIEM Products
As the saying goes, 'there is no such thing as a free lunch.' In life, including
the technology sector, many things are more expensive than they appear. A free
game app encourages in-app purchases to enhance the playing experience, while a
new phone requires a monthly plan for data, calling, and texting capabilities.
In the security industry, one technology that stands out for its hidden costs is
Security Information and Event Management (SIEM) tools
[https://www.rapid7.com/solutions/siem.jsp].