It’s harvest time (at least here in the United States), and as we prepare to reap the bounties of the land, so too have we seen attackers make good use of the exploits they’ve sown and infrastructure they’ve co-opted. The credential compromises and remote access attempts of Q2 have ripened into suspicious service logins and lateral movement actions involving credentials, along with increases in the presence of malware on systems. We've included a handful of Q3 highlights below, but read the full report to learn more, and be sure to register for our webcast (November 15, 2:00 p.m. ET/11:00 a.m. PT) to hear directly from researchers what these trends mean for 2018.
Adversaries on vacation: Summertime generally means vacation time, and as a result there’s a definite slowdown in threat events involving user interaction. We'll watch for a return to "normal" in Q4.
Detected Emotet/Heodo use: We saw Emotet/Heodo campaign usage in 70% of malware-oriented incidents in September across many industries, including healthcare, real estate, and construction. The entry point? Malicious spam or phishing emails.
Memcached resurgence: There was a continued threat of memcached being used in amplification attacks, including from a single node in Indonesian IPv4 space, along with Mirai letting us know “it’s not dead yet.”
Rapid7 InsightIDR leverages attacker analytics to detect intruder activity earlier in the attack chain, cutting down false positives and days’ worth of work for security professionals. It hunts for actions indicative of compromised credentials, spots lateral movement across assets, detects malware, and sets traps for intruders.
Utilizing the power of Rapid7’s Insight platform and the heritage of our award-winning Nexpose product, InsightVM—our vulnerability assessment solution—provides a fully available, scalable, and efficient way to collect your vulnerability data, turn it into answers, and minimize your risk in modern environments.