Under the Hoodie

User credentials remain a "quick win" for pen testers

In our latest edition of “Under the Hoodie: Lessons From a Season of Penetration Testing,” we present the results of 268 engagements, conducted from early September of 2017 through mid-June of 2018. We found that at least one credential was captured in 53% of all engagements, and 86% of the time when looking purely at internal engagements.

Detect compromised credentials with InsightIDR

Our research findings don't stop there. The knowledge of our expert pen testers and research team also feeds Rapid7 products, including InsightIDR. By combining SIEM, UBA, and EDR, you'll detect intruders earlier in the attack chain so you can respond before critical data is compromised.

Fill out the form and see for yourself how we turn the attack trends our team sees in the real world into useful detections with a free 30-day trial.