Posts tagged Detection and Response

2 min Detection and Response

Automated remediation level 1: Lock down fundamentals

Ensuring visibility across teams is a critical component in a shared data set where everyone can come to the same conclusions. And if this understanding and trust between teams is achieved, then you might be ready to get into the particulars of automated remediation.

3 min Detection and Response

Attack Surface Analysis Part 1: Vulnerability Scanning

In this three-part series, we’ll explore key considerations and strategies for choosing an attack surface analysis strategy. We’ll start with vulnerability assessment below.

2 min Kill Chain

Kill chains: Part 2→Strategic and tactical use cases

Let’s now take a look at how you can leverage the different kill chains to overcome vulnerabilities and win the day against attackers.

3 min Detection and Response

Kill chains: Part 1→Strategic and operational value

More recently, the term has been conscripted by the cybersecurity world to help businesses and security organizations go on the offensive, ensuring there are no gaps in their mitigation strategies and that their threat-hunting processes are sound.

3 min Emergent Threat Response

Want to stay ahead of emerging threats? Here’s how.

A key question security organizations should ask themselves with regard to emerging threats: Are the systems we have logging the correct information?

2 min Cloud Security

Top Challenges for Security Analytics and Operations, and How a Cloud-Based SIEM Can Help

To keep up and combat key security operations challenges, many organizations are making the move to the cloud for broader, more flexible detection and response coverage of their ever-changing security environments.

4 min

MDR Vendor Must-Haves, Part 10: Included Security Orchestration and Automation

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.”

6 min Managed Detection and Response

MDR Vendor Must-Haves, Part 9: Assigned Analyst Pods and Security Program Advisors

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.”

5 min Managed Detection and Response

MDR Vendor Must-Haves, Part 8: Rapid7 Incident Response (Breach) Support

Having the best threat detection methodologies, a streamlined and efficient process for validating threats, and a rock-solid reporting standard may still leave you open to unexpected costs.

4 min Phishing

How to Turbocharge Your Phishing Response Plan

A quick reaction to a phishing threat can mean the difference between a massive breach and a fast fix.

5 min

MDR Vendor Must-Haves, Part 7: Managed Response Actions

Security teams face unprecedented challenges as the threat landscape expands in scope and complexity. Protecting the organization in today’s environment has led to analyst fatigue, with many organizations struggling to respond to both user and host threats in a timely manner.

2 min MDR

MDR Must-Haves, Part 6: Threat Validation and Detailed Reporting

Engaging a managed security service provider—either a traditional MSSP or MDR provider—should never involve wasting your time.

4 min MDR

MDR Vendor Must-Haves, Part 5: Multiple Threat Detection Methodologies, Including Deep Attacker Behavior Analysis

The best Managed Detection and Response (MDR) providers use a combination of threat intelligence, User Behavior Analytics (UBA), Attacker Behavior Analytics (ABA), and human threat hunts to provide detection for threats and attackers.

3 min InsightIDR

What’s New in InsightIDR: Q1 2021 in Review

Back at the start of the year, we reflected on some of our 2020 InsightIDR product investments and took a look at what was ahead in 2021. As the first quarter of the year comes to a close, we wanted to offer a closer look at some of the recent updates and releases in InsightIDR.

2 min Managed Detection and Response

MDR Vendor Must-Haves, Part 4: Ingestion of Authentication Data Across Local, Domain, and Cloud Sources

There isn’t a single threat or breach that doesn’t involve attackers using legitimate credentials to cause harm.