Posts by Aaron Wells

4 min Detection and Response

The Empty SOC Shop: Where Has All the Talent Gone?

Here's a closer look at some strategies you can use to address churn and staffing shortages in your security operations center (SOC).

8 min Detection and Response

MDR, MEDR, SOCaaS: Which Is Right for You?

Let’s take a closer look at these three types of detection and response managed services to help you decide the best fit for your organization.

4 min Detection and Response

Security at Scale in the Open-Source Supply Chain

Securing supply chains based on open-source software requires scalable vulnerability management and vigilant monitoring.

4 min Threat Intel

SANS Experts: 4 Emerging Enterprise Attack Techniques

According to a report from the SANS Institute, the new wave of attack techniques isn't on the horizon — it’s here.

3 min Virtual Vegas

Black Hat 2021: Rapid7 Experts Share Key Day 2 Takeaways

Here we are again, back for another day of Rapid7 expert debriefings and analysis for some of the most talked-about Black Hat sessions of this year.

3 min Virtual Vegas

Black Hat 2021: Rapid7 Experts Share Key Day 1 Takeaways

OK, no big deal, we know how this goes. Once again, many of us are attending Black Hat [] in a virtual capacity as COVID-19 meanders its way out of our lives. The good news is that there’s an actual live component again this year in Las Vegas, and that’s progress. Here’s hoping that next year the pandemic will be more firmly in the rearview and any remaining travel trepidation will be a “2021 thing.” So flip the on-switch to some neon lights if you got ‘em, and l

3 min InsightVM

What’s New in InsightVM: Q2 2021 in Review

Here is a rundown of new features and functionality launched in Q2 2021 for InsightVM and the Insight Platform.

2 min Detection and Response

Automated remediation level 4: Actual automation

After the previous 3 steps—where we discussed everything from logging to best practices to account hygiene—it’s time to talk about the actions that really let you calibrate and control the kind of remediation you’re looking to get out of the process.

3 min Detection and Response

Automated remediation level 3: Governance and hygiene

The best way to mold a solution that makes sense for your company and cloud security is by adding actions that cause the fewest deviations in your day-to-day operations.

2 min Detection and Response

Automated remediation level 2: Best practices

When it comes to automating remediation, the second level we’ll discuss takes a bit of additional planning. This is so that users will see little to no impact in the account fundamentals automation process.

2 min Detection and Response

Automated remediation level 1: Lock down fundamentals

Ensuring visibility across teams is a critical component in a shared data set where everyone can come to the same conclusions. And if this understanding and trust between teams is achieved, then you might be ready to get into the particulars of automated remediation.

2 min Cloud Security

Action! Start putting automation into practice.

In our new blog series, we’ll talk about the challenges of leveraging automation and actually putting it into practice for your organization and business.

3 min DevOps

Creating coefficiency: DevOps, Security, and Compliance

The ultimate goal on the security horizon is, of course, to prevent risks and misconfigurations before runtime. This won’t always happen, but teams can still get into a rhythm where runtime mistakes become the exception rather than the rule.

4 min Cloud Security

5 questions to answer before spending big on cloud security

Convincing people to sign off on big cloud security spends is, most assuredly, a never-ending process. Because every so often (be it in 6 months, 1 year, 2 years), your security organization will have to pitch to the check-writers all over again.

3 min Emergent Threat Response

Want to stay ahead of emerging threats? Here’s how.

A key question security organizations should ask themselves with regard to emerging threats: Are the systems we have logging the correct information?