Posts tagged Whiteboard Wednesday

3 min Vulnerability Management

How SOAR Is Disrupting Traditional Vulnerability Management

In a recent episode of Whiteboard Wednesday, we dive into how security orchestration, automation, and response (SOAR) is changing traditional vulnerability management.

3 min Whiteboard Wednesday

How to Gain Security Visibility into a Modern Environment

In our latest installment of Whiteboard Wednesday, we break down the step-by-step approach you can take to gain visibility across a modern environment and the main areas you should focus on.

2 min Whiteboard Wednesday

Whiteboard Wednesday: Common Vulnerabilities as Personified by Halloween Costumes

As a security professional, you don’t need a haunted house to feel spooked this Halloween—just start exploring your environment in search of vulnerabilities.

4 min InsightConnect

Security Orchestration and Automation: Not Just for Mature Organizations

Think that security, orchestration, and automation (SOAR) is only for mature organizations? Think again. Here are some ways your company can benefit from SOAR solutions.

5 min Whiteboard Wednesday

Endpoint Agents Are Necessary for Today’s Modern Environment: Here’s Why (Part 1)

Endpoint agents can help you integrate your siloed vulnerability management and incident detection and response programs and implement SecOps practices.

1 min Whiteboard Wednesday

Whiteboard Wednesday: How to Implement A Phishing Awareness Training Plan in 5 Steps

There’s no silver bullet to combating protecting your organization from phishing attacks [https://www.rapid7.com/solutions/phishing-protection/] today. The only comprehensive approach leverages a combination of methods, many of which we’ve covered in parts 1 [https://www.rapid7.com/resources/wbw-anti-phishing/] and 2 [https://www.rapid7.com/resources/wbw-phishing-protection/] of our three-part phishing Whiteboard Wednesday series. Phishing is a human problem, and part of the solution is to prop

1 min Honeypots

Whiteboard Wednesday: Your 6-Minute Recap of Q1 2018’s Threat Landscape

Gotten a chance to read Rapid7’s Quarterly Threat Report for 2018 Q1 [https://www.rapid7.com/info/threat-report/2018-q1-threat-report/]? If not (or if you’re more of an auditory learner), we’ve put together a 6-minute recap video of the major findings. In our Quarterly Threat Reports [https://www.rapid7.com/info/threat-report/], our security researchers provide a wide-angle view of the threat landscape by leveraging intelligence from the Rapid7 Insight platform [https://www.rapid7.com/products/

1 min InsightPhishing

Whiteboard Wednesday: The Two Components of Phishing Protection Your Security Strategy Needs

You’re no stranger to the threat of phishing. It’s everywhere, and plays a role in 92% of breaches, according to the Verizon Data Breach Digest [https://www.rsaconference.com/writable/presentations/file_upload/lab4-r12_data-breach-digest-perspectives-on-the-human-element_copy1.pdf] . Last month, during the first installment of our phishing Whiteboard Wednesday series, we talked about the key components of an anti-phishing program [https://www.rapid7.com/resources/wbw-anti-phishing/], and this mo

1 min Whiteboard Wednesday

How a breached vendor impacts your organization's security - this week's Whiteboard Wednesday

The traditional concept of the security perimeter is long-outdated, and as recent headline-grabbing data breaches have shown, we must also monitor to the corporate supply chain as a source of potential security issues down the road. And as business systems become increasingly interconnected, the risks can grow as well. In this week's Whiteboard Wednesday, Security Engineer Justin Pagano digs a little deeper into this issue and details: * How a vendor in your supply chain could (inadvertently

1 min Whiteboard Wednesday

The Anatomy of a Credit Card Breach: Whiteboard Wednesday [VIDEO]

The onset of the holiday season means lots of stores preparing for the inevitable shopping rush. While these retailers keep fingers crossed that customers make this season quite merry and bright, attackers also have high hopes for the season -- for lots of new credit card data to steal and sell. Plenty of organizations cover the scope and consequences of these credit card data breaches, so we thought we would walk through how these attacks actually work, from an attacker's initial entry to a ne

1 min Whiteboard Wednesday

WinShock (CVE-2014-6321) - what is it & how to remediate - Whiteboard Wednesday [VIDEO]

This month's Patch Tuesday disclosed vulnerability CVE-2014-6321, dubbed by some as "WinShock," and it's getting some major attention. Our Security Engineer Justin Pagano gives a rundown of this vulnerability with the information we have today—what it is, what it affects, and how you can best remediate it—in this Special Edition of Whiteboard Wednesday [http://www.rapid7.com/resources/videos/winshock-what-is-it-how-to-remediate.jsp] .* Whiteboard Wednesday video: WinShock - What is it? How to

1 min Whiteboard Wednesday

The difference between an IPS & IDS - Whiteboard Wednesday [VIDEO]

Intrusion Prevention System (IPS) and Intrusion Detection System (IDS) -- sometimes these acronyms are used a bit interchangeably, so we wanted to take a moment to clarify their differences and how these systems can be useful in your environment. Whiteboard Wednesday: IPS and IDS: What's The Difference? [VIDEO] [http://www.rapid7.com/resources/videos/ips-and-ids.jsp] Take a look at this week's Whiteboard Wednesday -- and as always, if there's a topic you'd like us to cover, drop us a comment

1 min Whiteboard Wednesday

Whiteboard Wednesday: Insider Threat Programs - How To Get Started

Do you need an insider threat program? It's a good question - one that more companies are considering as compromised users become an increasingly popular attack vector, and malicious user behavior becomes more prevalent. In this week's Whiteboard Wednesday video, we weigh some options on why you might want to consider an insider threat program, as well as give recommendations on steps you can take to start your own. As always, if there's a topic you'd like to see us cover in a Whiteboard Wed

1 min Whiteboard Wednesday

Whiteboard Wednesday [VIDEO]: BashBug/ShellShock explained

On this Very Special Whiteboard Wednesday, we bring you a video on a Thursday because, well, #bashbug happened. Thankfully the sky is not falling. In this bashbug-edition of Whiteboard Wednesday [http://www.rapid7.com/resources/videos/bashbug-vulnerability-explained.jsp], we discuss common attack vectors that could be used to exploit this vulnerability, exactly how this vulnerability compares to Heartbleed (if at all), and possible mitigating techniques—including, but not exclusively, the ever-

1 min Android

Android browser privacy bug explained [VIDEO]: Whiteboard Wednesday

todb [https://community.rapid7.com/people/todb]'s post earlier this week about the flaw in Android's Open Source Platform browser [/2014/09/15/major-android-bug-is-a-privacy-disaster-cve-2014-6041] has been getting a lot of attention this week, and for good reason: By the numbers, Android 4.2 and earlier builds have the vulnerable browser in question, and about 75% of Androids in the world today are using pre-4.4 builds. While not everyone uses the AOSP browser on their phone—certainly Firefox,