3 min
Rapid7 Perspective
How to Start a Career in Cybersecurity: From Stay-at-Home Mom to Security Pro-in-Training
My name is Carlota Bindner, and here is my story on how I went from being a stay-at-home mom and community volunteer to participating in Rapid7's Security Consultant Development Program.
4 min
Incident Detection
Q4 Threat Report: Analyzing the Top 3 Advanced Threats and Detection Techniques
In this post, we’ll review three major findings based on data from Project Sonar, Project Heisenberg, and our Managed Detection and Response customer base, which leverages our security experts and InsightIDR to unify security data and identify compromises in real time.
4 min
InsightIDR
Forrester Tech Tide for Detection and Response: Is 2019 the Year of Convergence?
Rapid7 was recently recognized for capabilities spanning security user behavior analytics, security analytics, deception technology, SOAR, and file integrity monitoring.
3 min
InsightIDR
Utilize File Integrity Monitoring to Address Critical Compliance Needs
To help organizations address their compliance auditing needs, we are excited to introduce file integrity monitoring (FIM) for InsightIDR.
2 min
Research
Rapid7 Quarterly Threat Report: Q4 and 2018 Wrap-Up
In our 2018 Q4 Threat Report, we look at our custom Attacker Behavior Analytics rules, examine some new threats we’ve seen this year, and provide some steps to help you secure your organization.
3 min
Incident Detection
How to Alert on Rogue DHCP Servers
How to alert on rogue DHCP servers using network traffic as a data source. We look at how you can use Wireshark or LANGuardian to detect DHCP servers.
4 min
SIEM
SOC, SIEM, or MDR? How to Choose the Right Options for Your Infosec Program
Choosing between building an in-house SOC, utilizing a SIEM, or outsourcing to an MDR provider? Learn from three peers on how they made their decision.
3 min
Breach Response News
PHP Extension and Application Repository (PEAR) Compromise: What You Need to Know
According to the PHP Extension and Application Repository (PEAR), a security breach had been found on the `pear.php.net` web server.
7 min
Incident Response
Windows Event Forwarding: The Best Thing You’ve Never Heard Of
This blog post will discuss how to get logs into your SIEM and create custom alerts to detect certain behaviors in those logs.
6 min
Research
Q3 Threat Report: Analyzing Three Key Detection Trends
In this post, we will review findings from our 2018 Q3 Threat Report, including common attack types, the Emotet malware, and protocol poisoning.
4 min
Research
How Your Organization Can Respond After News of a Major Security Breach
When data breaches occur, there are proactive actions organizations can take to double-check their current-state security posture, practices, and protocols.
7 min
Log Search
Rolling with Your Logs, Part 3: Using Regex to Expand Your Search Options
In this final installment of our Log Search series, we’ll look at some simple regular expressions that will greatly expand your Log Search options.
3 min
Incident Detection
5 Tips For Monitoring Network Traffic on Your Network
Monitoring traffic on your network is important if you want to keep it secure. These five tips will help you get the most out of your network traffic analysis (NTA) tool.
6 min
User Behavior Analytics
[Q&A] Why Every Threat Detection Strategy Needs User Behavior Analytics
VP of Product Sam Adams explains how UBA works and how it’s evolved over the years to become a core part of threat detection and response strategies.
6 min
Log Search
Rolling with Your Logs, Part 2: Advanced Mode Searches
In Part 2 of this three-part series on InsightIDR Log Search, we will cover three concepts: parsed logs, the groupby function, and log search operations.