• Close
  • Whiteboard Wednesday Videos

    Feed
    Securing Web Applications Built On ReactJS Frameworks

    Latest Video!

    July 27, 2016

    Securing Web Applications Built On ReactJS Frameworks

    In today’s Whiteboard Wednesday, Dan Kuykendall, Sr. Director of Application Security at Rapid7, will talk about securing Single Page Applications (SPA) that are built on ReactJS frameworks.

    Exploit | Structured Exception Handler Overwrite Explained
    July 20, 2016

    Exploit Explained: Structured Exception Handler Overwrite

    In today’s Whiteboard Wednesday, David Maloney, Sr. Security Engineer at Rapid7, will talk about structured exception handler overwrite vulnerabilities and how they work.

    SIEM Tools Don’t Have to Be Hard, Here’s How.
    July 13, 2016

    SIEM Tools Don’t Have to Be Hard, Here’s How.

    In today’s Whiteboard Wednesday, Spencer Engleson, Sales Engineer at Rapid7, will talk about a new approach to SIEM solutions.

    National Exposure Index: Internet Security by Country
    June 29, 2016

    National Exposure Index: Internet Security by Country

    In today’s Whiteboard Wednesday, Bob Rudis, Chief Data Scientist at Rapid7, will discuss a recent research report released by Rapid7, “The National Exposure Index”.

    Mitigating Buffer Overflow Attacks with Stack Cookies
    June 22, 2016

    Mitigating Buffer Overflow Attacks with Stack Cookies

    In today’s Whiteboard Wednesday, David Maloney, Senior Security Researcher at Rapid7, will share a technique to help mitigate buffer overflow attacks.

    Buffer Overflow Attacks Explained: Saved Return Pointer Overwrite
    June 15, 2016

    Buffer Overflow Attacks Explained: Saved Return Pointer Overwrite

    In today’s Whiteboard Wednesday, David Maloney, Senior Security Researcher at Rapid7, will discuss buffer overflow attacks.

    The Evolution of Vulnerability Management Technology
    June 08, 2016

    The Evolution of Vulnerability Management Technology

    In today’s Whiteboard Wednesday, Matt Hathaway, Product Marketing Manager at Rapid7, will discuss the evolution of vulnerability management technology.

    Using Intruder Traps to Detect Attackers On Your Network
    June 01, 2016

    Using Intruder Traps to Detect Attackers On Your Network

    In today’s Whiteboard Wednesday, Eric Sun, Product Marketing Manager at Rapid7, will discuss intruder traps and how you can use them to detect attackers on your network.

    The Security Risks of Local Admin Access
    May 25, 2016

    The Security Risks of Local Admin Access

    In today’s Whiteboard Wednesday, Leon Johnson, Penetration Tester at Rapid7, will discuss local administrator privileges and how it can become a security risk at your organization.

    SMB Relay Attacks Explained
    May 18, 2016

    SMB Relay Attacks Explained

    In today’s Whiteboard Wednesday, Leon Johnson, Penetration Tester at Rapid7, will discuss SMB relay attacks. Leon will tell you how SMB relay attacks work and what you can do to prevent this type of attack.

    Cyber Security Maturity Assessments
    May 11, 2016

    Cyber Security Maturity Assessments: Getting Started

    In today’s Whiteboard Wednesday, Todd Lefkowitz, VP of Global Services at Rapid7, will discuss why every security team should assess their cyber security maturity.

    2016 Verizon Data Breach Report Summary
    May 04, 2016

    2016 Verizon Data Breach Report Summary

    In today’s Whiteboard Wednesday, Bob Rudis, Chief Data Scientist at Rapid7, will discuss the 2016 Verizon Data Breach and Investigations Report.

    Cross-Site Scripting (XSS) Vulnerabilities Explained
    April 27, 2016

    Cross-Site Scripting (XSS) Vulnerabilities Explained

    In today’s Whiteboard Wednesday, Brian O’Neill, Product Strategist at Rapid7, will discuss cross-site scripting (XSS) vulnerabilities.

    Why Every Organization Needs an Annual Security Awareness Training Program
    April 13, 2016

    Why Every Organization Needs an Annual Security Awareness Training Program

    In today’s Whiteboard Wednesday, Todd Lefkowitz, VP of Global Services at Rapid7, will discuss the importance of annual security awareness programs.

    Driving Application Security Earlier into the Software Development Lifecycle
    April 06, 2016

    Driving Application Security Earlier into the Software Development Lifecycle

    In today’s Whiteboard Wednesday, Kim Dinerman, Solutions Marketing Manager at Rapid7, will discuss the importance of driving application security earlier into the software development lifecycle.

    Securing Complex Web Applications with DAST
    March 30, 2016

    Securing Complex Web Applications with DAST Solutions

    In today’s Whiteboard Wednesday, Kim Dinerman, Solutions Marketing Manager at Rapid7, will discuss a common problem within the web application security field, app complexity and how it erodes web application scanner coverage.

    The Passwords That Put You At Risk
    March 16, 2016

    The Attacker’s Dictionary: Passwords That Put You At Risk

    In today’s Whiteboard Wednesday, Roy Hodgman, Data Scientist at Rapid7, will discuss a recent research report that was conducted by the Rapid7 research team. This report focuses on the passwords that attackers use when they scan the internet indiscriminately. We call this project, “Project Heisenberg”.

    Red Team, Blue Team, Hunt Team?
    March 09, 2016

    Red Team, Blue Team, Hunt Team?

    In this week’s Whiteboard Wednesday, Joe Busch, sales engineer for Rapid7, talks about red teams, blue teams, and the latest concept of “hunt teams.”

    An IoT Vulnerability Disclosure Success Story
    February 17, 2016

    An IoT Vulnerability Disclosure Success Story

    In today’s Whiteboard Wednesday, Tod Beardsley, Security Research Manager at Rapid7, will discuss a vulnerability disclosure success story that he has experienced recently with two very different toy companies.

    Incident Detection & Response Survey Results
    February 10, 2016

    Incident Detection & Response Survey Results

    In today’s Whiteboard Wednesday, Eric Sun, Solutions Marketing Manager, IDR at Rapid7, will discuss the 2015 Incident Detection and Response survey findings.

    Using Logs to Achieve PCI Compliance
    February 03, 2016

    Using Logs to Achieve PCI Compliance

    In today’s Whiteboard Wednesday, Matt Kiernan, Product Manager for the Logentries product at Rapid7, will discuss the importance of log centralization when it comes to PCI compliance.

    Understanding User Behavior Analytics: Research Report Findings
    January 20, 2016

    Understanding User Behavior Analytics: Research Report Findings

    In today’s Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager for Rapid7, will discuss User Behavior Analytics. Specifically, Chris will talk about the research report findings we have from analyzing user behavior across over a million of our users.

    Why You Should Be Using EMET
    January 13, 2016

    Why You Should Be Using EMET

    In today’s Whiteboard Wednesday, David Maloney, Sr Software Engineer for Rapid7, will discuss Microsoft EMET and tell you why everybody should be using it!

    5 Ways Attackers Can Evade A SIEM
    January 06, 2016

    5 Ways Attackers Can Evade A SIEM

    In today’s Whiteboard Wednesday, Joe Busch, Sales Engineer for Rapid7, will discuss the common tactics attackers can use to evade a SIEM.

    2016 Security Predictions: Tips for the New Year
    December 23, 2015

    2016 Predictions: Tips and Considerations for the New Year

    In today’s Whiteboard Wednesday, Lee Weiner, SVP of Products and Engineering for Rapid7, will discuss 2016 security predictions.

    Network Management System’s SQLi and XSS Vulnerabilities Explained
    December 16, 2015

    Network Management System’s SQLi and XSS Vulnerabilities Explained

    In today’s Whiteboard Wednesday, Justin Pagano, Security Engineer at Rapid7 will talk about the six flaws that the Rapid7 research team and independent researchers have found across four network management system vendors.

    Dumping Password Hashes Explained
    December 9, 2015

    Dumping Active Directory Password Hashes Explained

    In today's Whiteboard Wednesday, David Maloney, Sr. Software Engineer for Rapid7, will discuss the techniques around dumping password hashes from an Active Directory Domain Controller. We will see the Pro and Cons of different approaches and how these approaches are available for free inside Metasploit Framework.

    PsExec: How Remote Execution Works
    December 2, 2015

    PsExec: How Remote Execution Works

    In today's Whiteboard Wednesday, David Maloney, Sr. Software Engineer for Rapid7, will discuss how remote execution works.

    What is User Behavior Analytics (UBA)?
    November 25, 2015

    What is User Behavior Analytics (UBA)? How Does UBA Detect Stealthy Attacks?

    In today's Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager for UserInsight, will discuss the topic, "What is User Behavior Analytics?"

    Understanding the Attack Chain to Detect Intruders
    November 18, 2015

    Understanding the Attack Chain to Detect Intruders

    In today's Whiteboard Wednesday, Eric Sun, Product Marketing Manager for UserInsight at Rapid7, will discuss the steps an attacker must take in order to steal data and how you can stop them in their tracks before damage is done.

    What is SQL Injection? Remediation Tips and Advice
    November 11, 2015

    What is SQL Injection? Remediation Tips and Advice

    In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will talk about SQL injection.

    Trey will discuss the origin of SQL injection, will break down how this vulnerability works in a non-technical way, and will discuss the impact this vulnerability imposes.

    VERIS Framework: Security Attributes Explained
    November 4, 2015

    VERIS Framework: Security Attributes Explained

    In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss the VERIS framework. Specifically, he will dive into the event category, security attributes.

    The attributes category describes which security attributes (of the previously-identified assets) were compromised during the incident. Watch this week's video to learn more about VERIS.

    VERIS Framework: Compromised Assets Explained
    November 4, 2015

    VERIS Framework: Compromised Assets Explained

    In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss the VERIS framework. Specifically, he will dive into the event category, compromised assets.

    The assets category describes the information assets that were compromised during a security incident. Watch this week's video to learn more about VERIS.

    VERIS Framework: Threat Actions Explained
    October 28, 2015

    VERIS Framework: Threat Actions Explained

    In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7, will discuss VERIS. This week Trey will talk specifically about threat actions.

    VERIS Framework: Threat Actors Explained
    October 28, 2015

    VERIS Framework: Threat Actors Explained

    In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss the VERIS framework. Specifically, he will dive into the event category, threat actors.

    The New EU Data Protection Law Explained
    September 23, 2015

    The New EU Data Protection Law Explained

    In today's Whiteboard Wednesday, Jane Man, Product Marketing Manager at Rapid7 will discuss the new EU Data Protection Law. Specifically, she will go over what the law is, who is affected, the timeline for implementation, and then she will give you some tips around how you can start preparing for these big changes. If you host any personal data from people living in the EU, you're going to want to watch this week's video!

    IoT Baby Monitor Research and IoT Security Explained
    September 16, 2015

    Why CFOs Need to Care About Information Security

    What is your cyber security plan? The board wants to know. Watch this quick video to learn why every CFO needs to care about information security.
    Bonus: Check out our free CFO security resources also included.

    IoT Baby Monitor Research and IoT Security Explained
    September 09, 2015

    IoT Baby Monitor Research and IoT Security Explained

    In today's Whiteboard Wednesday, Tod Beardsley, Security Research Manager at Rapid7, will discuss the latest research report that covers 10 new vulnerabilities found within baby monitor software.

    User Behavior Analytics and HIPAA Compliance
    August 26, 2015

    User Behavior Analytics and HIPAA Compliance

    In today's Whiteboard Wednesday, Eric Sun, Product Marketing Manager at Rapid7 will discuss how User and Entity Behavior Analytics (UEBA) solutions, like Rapid7 UserInsight helps both Covered Entities and Business Associates comply with HIPAA Security Rule.

    Web Application Security Software: The Widening Coverage Gap
    August 19, 2015

    Web Application Security Software: The Widening Coverage Gap

    In this Whiteboard Wednesday Kim Dinerman, Product Marketing Manager at Rapid7, will discuss web application security scanning and how crucial it is to find an application scanner that can test the most modern applications out there today.

    How To Be Successful with Open Source Software Projects
    July 22, 2015

    How To Be Successful with Open Source Software Projects

    In today's Whiteboard Wednesday, Tod Beardsley, Security Research Manager at Rapid7 will discuss the steps you should take to become successful with your next open source project.

    OpenSSL Vulnerability CVE-2015-1793 Explained
    July 9, 2015 (Special Edition)

    OpenSSL Vulnerability CVE-2015-1793 Explained

    In today's Whiteboard Wednesday, Tod Beardsley, Security Research Manager at Rapid7 will discuss the latest OpenSSL vulnerability announced on July 9th, 2015. Watch this week's video to learn how the vulnerability works, the impact, and how to tell if your organization is affected.

    Microsoft EMET: How to Deploy EMET in Your Environment
    June 10, 2015

    Microsoft EMET: How to Deploy EMET in Your Environment

    In today's Whiteboard Wednesday, Guillaume Ross, Senior Consultant at Rapid7, will discuss Microsoft EMET. Guillaume will talk about why you should be deploying Microsoft EMET in your environment and he will discuss the best ways to get started. Watch this week's video to learn more.

    Detecting Lateral Movement with Windows Event Logs
    May 27, 2015

    Detecting Lateral Movement with Windows Event Logs

    In today's Whiteboard Wednesday, Mike Scutt, Senior Security Consultant at Rapid7, will tell you what Windows event logs you should be paying attention to in order to detect lateral movement on your network. Watch this week's video to learn more.

    Reducing Attack Surface with Windows User Rights Assignment
    May 20, 2015

    Reducing Attack Surface with Windows User Rights Assignment

    In today's Whiteboard Wednesday, Guillaume Ross, Senior Consultant at Rapid7, will discuss how you can leverage Windows user rights assignment to lower the attack surface within your organization. While the default configurations may be enough for many, organizations can tweak these configurations to reduce the risk of a breach. Watch this week's video to learn more.

    VENOM Vulnerability CVE-2015-3456 Explained
    May 13, 2015

    VENOM Vulnerability CVE-2015-3456 Explained

    In today's Whiteboard Wednesday, Justin Pagano, Security Engineer at Rapid7, will discuss the VENOM vulnerability. VENOM is a vulnerability that takes place within the virtual floppy drive code of a virtual machine. If properly exploited, attackers can laterally move from the affected VM and have access to the host, putting your critical assets in jeopardy.

    How Attackers Move Through Your Network to Steal Your Critical Data
    May 06, 2015

    How Attackers Move Through Your Network to Steal Your Critical Data

    In today's Whiteboard Wednesday, Mike Scutt, Senior Security Consultant at Rapid7, will discuss the common ways attackers are able to enter your network and how they move throughout your network in search for your critical data.

    Application Monitoring: The Information Security Perspective
    April 29, 2015

    Application Monitoring: The Information Security Perspective

    In today's Whiteboard Wednesday, Eric Sun, Product Marketing Manager at Rapid7 will discuss the importance of application monitoring when investigating a potential data breach.

    Top 5 Takeaways from the 2015 Verizon Data Breach Report (DBIR)
    April 16, 2015 - Special Edition

    Top 5 Takeaways from the 2015 Verizon Data Breach Report (DBIR)

    In today's Whiteboard Wednesday, Jay Roxe, Senior Director of Product Marketing will discuss the top 5 takeaways from the 2015 Verizon Data Breach and Investigations Report (DBIR). Watch this week's video to learn more.

    Windows Vulnerability: Redirect to SMB Attack - Explained
    April 15, 2015

    Windows Vulnerability: Redirect to SMB Attack - Explained

    In today's Whiteboard Wednesday, Justin Pagano, Security Engineer at Rapid7 will discuss the Windows vulnerability, Redirect to SMB Attack. Watch this week's video to learn how this vulnerability is exploited, what is at risk, and exactly how to defend against it.

    Incident Response Methodology: How to Respond to a Security Incident
    April 01, 2015

    Incident Response Methodology: How to Respond to a Security Incident

    In this Whiteboard Wednesday, one of Rapid7's senior incident responders will discuss how to respond to security incidents within your organization. Watch this week's video to learn more!

    Piggyback Attacks: How Third Party Breaches Affect Your Organization
    March 25, 2015

    Piggyback Attacks: How Third Party Breaches Affect Your Organization

    In this Whiteboard Wednesday we will talk about piggyback attacks. Commonly, piggyback attacks are associated with wiretapping or even with a physical attack vector where an attacker sneaks behind a legitimate employee when they swipe their badge to enter a private setting. Today, we are referring to piggyback attacks as third party data breaches that affect you or your organization’s security.

    Incident Detection and Response Threat Simulation
    March 11, 2015

    Incident Detection and Response Threat Simulation

    In this whiteboard Wednesday we will discuss how you can create a real-life threat simulation for your incident detection and response team. If you are like most security teams, you are starting to invest in an incident detection and response program at your organization. One of the first steps you should go through with your incident detection and response team is to create a threat simulation in a safe environment to see how your team, and the security controls in your environment, perform. In this video, we will talk about how you can build out this simulation and discuss the details that you should consider.

    Preparing for Incident Detection and Response
    March 04, 2015

    Preparing for Incident Detection and Response

    In this whiteboard Wednesday we will talk about how you can get started with incident detection and response.Gartner projects that by the year 2020, 60% of security budget will be focused on rapid detection and response programs. Are you one of the many organizations investing in these types of programs? Before you get started, let's walk through some areas you should focus on in order to implement an incident detection and response program successfully.Watch this week's video to learn more.

    How A Breached Vendor Can Impact Your Organization's Security
    February 25, 2015

    How A Breached Vendor Can Impact Your Organization's Security

    In this whiteboard Wednesday we will talk about how a breached vendor of yours can impact the security of your organization.

    Prevention vs Detection, Rebalancing Your Security Program
    February 04, 2015

    Prevention vs Detection, Rebalancing Your Security Program

    In this whiteboard Wednesday we will talk about the two major types of security products out there, preventative security products, and detection products.

    2015 Security Resolutions, the Programs You Need to Focus on This Year
    January 21, 2015

    2015 Security Resolutions, the Programs You Need to Focus on This Year

    In this Whiteboard Wednesday Josh Feinblum, VP of Information Security at Rapid7, will discuss security programs you should be focusing on in 2015. In 2014, we learned a lot about how attackers operate. By leveraging this information, these are the top three things you need to focus on in 2015. Watch this video to learn more.

    Android WebView Loses Patch Support
    January 14, 2015

    Android WebView Loses Patch Support

    In this Whiteboard Wednesday Justin Pagano, Security Engineer at Rapid7, will discuss the recent announcement from Google stating that they will no longer patch their browser, WebView, which is enabled on all Android devices with the operating system (Jelly Bean) 4.3 and earlier.

    Security Trends in 2014 & What to Expect in 2015
    January 7, 2015

    NIST Cybersecurity Framework Explained

    In this Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss the NIST Cybersecurity Framework that was released on February 12, 2014 by President Obama to help protect critical infrastructure. Watch this video to get a quick overview of the framework set forth.

    Security Trends in 2014 & What to Expect in 2015
    December 17, 2014

    Security Trends in 2014 & What to Expect in 2015

    In this Whiteboard Wednesday, Lee Weiner, Senior VP of Products and Engineering at Rapid7 will discuss the big security trends that occurred in 2014 and what we should look for in 2015. Watch this week's video to learn more.

    Getting Started with a Security Awareness Program for Your Employees
    December 10, 2014

    Getting Started with a Security Awareness Program for Your Employees

    In this Whiteboard Wednesday, Todd Lefkowitz, our VP of Professional Services at Rapid7 will discuss how you can get started with security awareness training at your organization. With the rise of attack vectors targeting your employees, it is very important that you train your staff around security awareness.

    PCI 3.0 Compliance: How to Dispute Your PCI Vulnerability Scan Results
    December 3, 2014

    PCI 3.0 Compliance: How to Dispute Your PCI Vulnerability Scan Results

    In this whiteboard Wednesday we will talk about how you can dispute your PCI vulnerability scan results. Learn the steps needed to dispute your findings. Watch now!

    Cyber Monday: The Anatomy of a <br>Credit Card Breach
    November 24, 2014

    Cyber Monday: The Anatomy of a Credit Card Breach

    In this whiteboard Wednesday we will break down the anatomy of a credit card breach. Watch this video to learn how you can be more secure this holiday shopping season. Watch now.

    Network Segmentation: Breach Containment & Need to Know Info
    November 19, 2014

    Network Segmentation: Breach Containment & Need to Know Info

    In this Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager for UserInsight, will discuss network segmentation and why every organization should adopt this best practice. Learn why you should segment your network based on user roles to help contain a breach and malicious insiders. Watch now!

    WinShock: What is it? How to Remediate CVE-2014-6321
    November 13, 2014

    WinShock: What is it? How to Remediate CVE-2014-6321

    In this Whiteboard Wednesday, Justin Pagano, Security Engineer, will discuss the the latest Microsoft high profile vulnerability called WinShock. Learn the details and see how you can remediate CVE-2014-6321. Watch this week's video to learn more.

    IPS and IDS: What's The Difference?
    November 12, 2014

    IPS and IDS: What's The Difference?

    In this Whiteboard Wednesday, Bernard Beirne, Sales Engineer, will discuss the differences between an Intrusion Prevention System (IPS) and an Intrusion Detect System (IDS). Watch this week's video to learn more.

    Why CVSS Score Alone Isn't Enough When Identifying the Risk of a Vulnerability
    November 5, 2014

    Why CVSS Score Alone Isn't Enough When Identifying the Risk of a Vulnerability

    In this Whiteboard Wednesday, Paul Chu, Sales Engineer, will discuss why CVSS score alone is not enough when identifying the risk of a vulnerability. Learn how added context like risk exposure and business context can help you prioritize vulnerabilities based on your unique environment. Watch this week's video today.

    5 Steps to Improve Incident Detection
    October 29, 2014

    5 Steps to Improve Incident Detection

    In this Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager, will discuss 5 steps that you can take to improve security incident detection. Chris will dive into 5 common indicators of compromise, and tell you how you can better detect them across your network and the cloud services that your users use.

    Insider Threat Programs: How to Get Started
    October 22, 2014

    Insider Threat Programs: How to Get Started

    In this Whiteboard Wednesday Alex Page, Product Sales Specialist, will discuss insider threat programs. We find that people are starting to seriously consider developing an insider threat program within their organization to monitor malicious behaviour across users. Watch this week's video to learn more about how you can monitor your users for suspicious behaviour and how you can get started today.

    POODLE SSL Vulnerability CVE-2014-3566: What is it? How to Remediate
    October 15, 2014

    POODLE SSL Vulnerability CVE-2014-3566: What is it? How to Remediate

    In this Whiteboard Wednesday, Justin Pagano talks about the latest SSL vulnerability, POODLE. Watch this video to learn more about this critical vulnerability and see how you can test if your organization is affected.

    Vulnerability Validation: What is it and Why is it Important?
    October 08, 2014

    Vulnerability Validation: What is it and Why is it Important?

    In this Whiteboard Wednesday, Chris Godoy talks about vulnerability validation. Specifically, he talks about what it means to validate vulnerabilities, how you can do this, and why it is important for your organization. Watch now.

    October 1, 2014

    What is Two Factor Authentication (2fa) and Why is it Important Today?

    In today's Whiteboard Wednesday, Nicholas J Percoco will talk about two factor authentication. Watch this video to learn what two factor authentication (2fa) is, the different ways you can implement two factor authentication, and why it is important today.

    September 24, 2014

    How Does Bashbug (AKA shellshock) Work? How Do I Remediate?

    In this Whiteboard Wednesday, Justin Pagano talks about what bashbug is, the attack vectors where bash can be exploited, how this vulnerability compares to Heartbleed, and how you can fix this high-profile vuln in your environment.

    September 18, 2014

    Google Android Browser Privacy Bug Explained

    In this Whiteboard Wednesday, Nicholas J. Percoco, VP of Strategic Services at Rapid7 explains a privacy major bug in the built-in browser in Google's Android phones, and what it means for users's privacy and corporations' security.

    Top Reasons Every Company Should Deploy Honeypots
    September 10, 2014

    Top Reasons Every Company Should Deploy Honeypots

    In today's Whiteboard Wednesday, Joe Busch, Sales Engineer at Rapid7 will discuss honeypots. Specifically, he will talk about what a honey pot is, the different types of honeypots available, and will talk about the top reasons every company should deploy a honeypot in their environment.

    Personal Cyber Hygiene: Tips to Protect Yourself from Cyber Attacks
    September 3, 2014

    Personal Cyber Hygiene: Tips to Protect Yourself from Cyber Attacks

    In today's Whiteboard Wednesday, Nicholas J. Percoco, VP of Strategic Services at Rapid7 will discuss some basic Personal cyber hygiene tips to help protect yourself from security attacks. Watch this week's video to learn more.

    5 Reasons You Should Attend Rapid7 Real-Time
    August 27, 2014

    5 Reasons You Should Attend Rapid7 Real-Time

    In today's Whiteboard Wednesday, Lee Weiner, Senior VP of Products and Engineering at Rapid7 will discuss the top 5 reasons that you should attend our free Rapid7 Real-Time Event.

    Zero Days Explained
    August 20, 2014

    Security Events, Incidents, and Breaches Explained

    In today's Whiteboard Wednesday, Chris Kirsch, Principal Product Marketing Manager at Rapid7 for UserInsight will discuss the difference between security events, incidents, and breaches.

    Zero Days Explained
    August 14, 2014

    Zero Days Explained

    In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss zero days.

    Security Compliance 101: Why Compliance Doesn't Equal Security
    July 30, 2014

    Security Compliance 101: Why Compliance Doesn't Equal Security

    In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss compliance and how it should fit into your security program today.

    Black Hat 2014: Interesting Topics at this Year's Conference
    July 23, 2014

    Black Hat 2014: Interesting Topics at this Year's Conference

    In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss the talks that he will most likely be attending at Black Hat 2014 this year.

    DEF CON 22: Six Interesting Topics at This Year's Conference
    July 16, 2014

    DEF CON 22: Six Interesting Topics at This Year's Conference

    In today's Whiteboard Wednesday, Nick Percoco, Vice President of Strategic Services at Rapid7 will discuss the 6 talks that he will most likely be attending at DEF CON 22 this year.

    5 Steps to Performing a PCI 3.0 Gap Analysis
    July 9, 2014

    5 Steps to Performing a PCI 3.0 Gap Analysis

    In today's Whiteboard Wednesday, Nate Crampton, Product Marketing Manager at Rapid7 will discuss the 5 steps needed to perform a PCI 3.0 gap analysis.

    Who Else Got Phished: Methods for Phishing Detection and Prevention
    June 25, 2014

    Who Else Got Phished: Methods for Phishing Detection & Prevention

    In today's Whiteboard Wednesday, Jay Roxe, Senior Director of Product Marketing at Rapid7 will discuss phishing and focus on the prevention and detection of phishing attempts targeted at your users.

    How to Detect Compromised Users: Breaking the User Kill Chain
    June 11, 2014

    How to Detect Compromised Users: Breaking the User Kill Chain

    In today's Whiteboard Wednesday, Lital Asher-Dotan, Senior Product Marketing Manager for UserInsight at Rapid7 will discuss the current chain of events an attacker must take to successfully exfiltrate data from your network.

    OpenSSL Vulnerabilities CVE-2014-0224 and CVE-2014-0195 Explained
    June 06, 2014

    Special Friday Edition: OpenSSL Vulnerabilities CVE-2014-0224 and CVE-2014-0195 Explained

    In today's Whiteboard Wednesday, Ross Barret, Senior Manager of Security Engineering at Rapid7 will discuss the latest OpenSSL vulnerabilities that were released on June 5, 2014.

    Securing the Internet of Things
    June 04, 2014

    Securing the Internet of Things

    In today's Whiteboard Wednesday, Nick Percoco, VP of Strategic Services at Rapid7 will discuss the Internet of Things and how it affects security.

    How Pen Testing Productivity Helps Boost Security
    May 28, 2014

    How Pen Testing Productivity Helps Boost Security

    In today's Whiteboard Wednesday, Chris Kirsch, Senior Product Marketing Manager will discuss how you can save 45% of your time when pen testing by taking advantage of some great productivity features.

    eBay Hacked: Need-to-Know Details for Protection
    May 21, 2014

    eBay Hacked: Need-to-Know Details for Protection

    In today's Whiteboard Wednesday, Chris Kirsch, Senior Product Marketing Manager at Rapid7 will discuss the latest eBay hack which was announced on May 21st.

    Key Takeaways from the Verizon Data Breach Report (DBIR)
    May 14, 2014

    Key Takeaways from the Verizon Data Breach Report (DBIR)

    In today's Whiteboard Wednesday, Jay Roxe, Senior Director of Product Marketing will talk about some of the key takeaways from the 2014 Verizon Data Breach Investigation report.

    How Noisy is Your Incident Detection System?
    May 07, 2014

    How Noisy is Your Incident Detection System?

    In today's Whiteboard Wednesday, Lital Asher-Dotan, Senior Product Marketing Manager for UserInsight, will discuss Incident Detection Systems (IDS), and how the overwhelming amount of alerts tend to hide real risk in your environment.

    Internet Explorer 0-Day: A Summary with Mitigation Advice
    Apr 30, 2014

    Internet Explorer 0-Day: A Summary with Mitigation Advice

    In today's Whiteboard Wednesday, Nick Percoco, Vice President of Strategic Services, will talk about the latest Internet Explorer 0-day.

    Network Segmentation Testing: An Overview and How To Guide
    Apr 23, 2014

    Network Segmentation Testing: An Overview and How To Guide

    In today's Whiteboard Wednesday, Chris Kirsch, Senior Product Marketing Manager, will talk about the importance of network segmentation.

    Cloud Security Monitoring: Why Monitoring Cloud Services Alone Isn't Enough
    Apr 16, 2014

    Cloud Security Monitoring: Why Monitoring Cloud Services Alone Isn't Enough

    In today's Whiteboard Wednesday, Lital Asher-Dotan, Senior Product Marketing Manager, will talk about cloud security monitoring and why monitoring cloud services alone isn't enough.

    OpenSSL Heartbleed Vulnerability Explained: Tips for Protection
    Apr 9, 2014

    OpenSSL Heartbleed Vulnerability Explained & Tips for Protection

    In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7, will talk about the OpenSSL vulnerability called Heartbleed.

    How to Save 140 Hours a Month on Vulnerability Management
    Apr 2, 2014

    How to Save 140 Hours a Month on Vulnerability Management

    In today's Whiteboard Wednesday, Bill Bradley, Product Marketing Manager at Rapid7, will discuss the topic, "How to Save 140 Hours a Month on Vulnerability Management".

    PCI 3.0 and Penetration Testing, Requirement 11.3 Explained
    Mar 26, 2014

    Anti-Virus (AV) Evasion for Proper Penetration Testing

    In today's Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager at Rapid7, will discuss the topic, Anti-Virus (AV) Evasion for Proper Penetration Testing”.

    PCI 3.0 and Penetration Testing, Requirement 11.3 Explained
    Mar 19, 2014

    PCI 3.0 and Penetration Testing, Requirement 11.3 Explained

    In today's Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager at Rapid7, will discuss the topic, "PCI 3.0 and Penetration Testing, Requirement 11.3 Explained".

    SANS Top 20 Critical Controls: A Beginners Guide
    Mar 12, 2014

    SANS Top 20 Critical Controls: A Beginners Guide

    In today's Whiteboard Wednesday, Bill Bradley, Product Marketing Manager at Rapid7, will discuss the topic, “SANS Top 20 Critical Controls: A Beginners Guide”.

    Why a Layered Security Approach is the Key to Successful Security Programs
    Mar 5, 2014

    Why a Layered Security Approach is the Key to Successful Security Programs

    Watch this video to learn what it means to have a layered approach to security and how it can help you achieve your company's security goals. Bill discusses the types of tools that you should consider when building a layered security program.

    Why Timely Detection of Security Threats Equals Real Money
    FEB 19, 2014

    Why Timely Detection of Security Threats Equals Real Money

    Watch this video to learn how much money an organization spends on average to remediate a data breach and how long it takes them to do so. Learn how you can detect threats faster and save your organization money by using UserInsight for fast, automated, threat detection across your network, cloud, and mobile environments.

    Why All Cloud File Transfer Services Put Your Organization's Data at Risk
    FEB 12, 2014

    Why All Cloud File Transfer Services Put Your Organization's Data at Risk

    Watch this video to learn how cloud file transfer services, used by your employees and colleagues, put your organization's data at risk and find out how to monitor suspicious behavior across these cloud services so you can answer the question, "Who leaked the data?"

    Why Monitoring Geolocation Information Matters for Security
    FEB 5, 2014

    Why Monitoring Geolocation Information Matters for Security

    In today's Whiteboard Wednesday, Jason Weiss, a member of the engineering team for UserInsight at Rapid7, will discuss the topic, "Why Monitoring Geolocation Information Matters for Security". In this video, Jason explains the importance of geolocation monitoring in order to find anomalies in user activity.

    Do Disgruntled Ex-Employees Access Company Data After They Leave?
    Jan 29, 2014

    Do Disgruntled Ex-Employees Access Company Data After They Leave?

    In today's Whiteboard Wednesday, Lital Asher-Dotan, Product Marketing Manager for UserInsight at Rapid7, will discuss the topic, "Do Disgruntled Ex-Employees Access Company Data After They're Gone?" Lital explains the complexity of managing ex-employees accounts outside of the network across cloud services.

    How To Remove False Positives From Security Threat Investigations
    Jan 22, 2014

    How To Remove False Positives From Security Threat Investigations

    Threat investigation should be much simpler for security teams. This is the main topic for this week's Whiteboard Wednesday. Jason Weiss, an Engineer for Rapid7's new UserInsight product talks about the painful process of going back and forth between systems to try and piece together evidence that will give a security team insight into who may have committed a risky action on their network. Jason will tell you how you can remove false positives in your threat investigation and how you can easily monitor and trace risky behavior down to the user on your network, across mobile devices, or even on the cloud services that your employees use.

    Security in the Year of the Mega Breach: How to Protect Yourself and Your Organization from the Most Common Attacks
    Jan 15, 2014

    Security in the Year of the Mega Breach: How to Protect Yourself and Your Organization from the Most Common Attacks

    In today's Whiteboard Wednesday, Jay Roxe, Director of Products at Rapid7, will discuss the topic, “Security in the Year of the Mega Breach”.Jay discusses the most common threat vector used to acquire both personal and organizational data, deception-based attacks. Deception-based attacks are one of the toughest attacks to control. Security professionals are getting much better at locking down a network, however it is very hard for them to stop somebody from gaining access to a network through a user on their network. Watch this video to come away with actionable ways to avoid deception-based attacks both in the workplace as well as outside the workplace.

    7 Tips For Safe Holiday Shopping This Holiday Season
    Dec 18, 2013

    7 Tips For Safe Holiday Shopping This Holiday Season

    In today's Whiteboard Wednesday, Patrick Hellen discusses 7 tips for safe online shopping this holiday season. From updating your browsers to avoiding shady websites, Patrick gives you 7 easy steps to help you protect your personal information as you make online purchases this holiday season.

    Penetration Testing SAP ERP Systems with Metasploit
    Dec 11, 2013

    Penetration Testing SAP ERP Systems with Metasploit

    In today's Whiteboard Wednesday, Chris Kirsch, Product Marketing Manager for Metasploit, will talk about pen testing your SAP systems and why it is tough for pen testers.

    User-Based Risk Monitoring: Answering the Question, Who Dunit?! On Your Network and Across Cloud Services
    Dec 04, 2013

    User-Based Risk Monitoring: Answering the Question, "Who Dunit?!" On Your Network and Across Cloud Services

    In today's Whiteboard Wednesday, Jason Weiss from the UserInsight Engineering Team, will tell you exactly how you can answer the question, "Who Dunit?!" on your network and across cloud services.

    Cloud Security: Handling The Disappearance of the IT Security Perimeter
    Nov 20, 2013

    Cloud Security: Handling The Disappearance of the IT Security Perimeter

    In today's Whiteboard Wednesday Jason Weiss, will talk about the disappearance of the IT security perimeter and how it shapes our security programs moving forward.

    PCI DSS 3.0 - An Overview of Latest Changes
    Nov 13, 2013

    PCI DSS 3.0 - An Overview of Latest Changes

    In today's Whiteboard Wednesday Nate Crampton, Product Marketing Manager for Nexpose, will break down the latest changes included in PCI 3.0 Watch this quick video to learn about the new requirements.

    Cloud Service Security Risk: How to Protect Yourself
    Nov 06, 2013

    Cloud Service Security Risk: How to Protect Yourself

    In today's Whiteboard Wednesday our Senior Director of Product Marketing, Jay Roxe, will discuss why you should be paying just as much attention to cloud service security as you do to network security.

    Security Horror Sequels - Don't Be A Victim!
    Oct 30, 2013

    Security Horror Sequels - Don't Be A Victim!

    In today's Halloween themed Whiteboard Wednesday, Patrick Hellen will relate mistakes made in horror movies with mistakes made within security teams. From user-based risk to threat prioritization, learn about some of the most common mistakes that every security team should avoid.

    Patch Management Best Practices
    Oct 23, 2013

    Patch Management Best Practices

    In today's Whiteboard Wednesday, we will walk you through some patch management best practices. We understand how tough it is to keep up with all of the patches that come out each week. By doing a lot of the leg work up front and organizing the assets within your organization, you can save a lot of time in the end. We will walk you 6 steps you can take to improve your current patch management process in this Whiteboard Wednesday.

    Penetration Testing Techniques - DREAD Methodology
    Oct 16, 2013

    Penetration Testing Techniques - DREAD Methodology

    This week's Whiteboard Wednesday is on DREAD as a reporting methodology as it pertains to penetration testing. Rene Aguero, Senior Sales Engineer for Rapid7 will dive into the DREAD and why he thinks that every pen tester should use DREAD as a reporting methodology when pen testing. Check out the video to learn more!

    Three Security Controls You Should Be Using
    Oct 09, 2013

    Three Security Controls You Should Be Using

    In today's Whiteboard Wednesday, Jane Man, Product Marketing Manager for ControlsInsight, discusses three important security controls that you should be paying attention to.

    Password Auditing with Metasploit
    Oct 02, 2013

    Password Auditing with Metasploit

    In today's Whiteboard Wednesday, David Maloney dives into password auditing techniques with Metasploit. He goes over the three main techniques which are brute force or online password attacks, hash cracking or offline attacks and password recovery attacks. To learn more about these techniques, watch the video above. Make sure to download Metasploit for password auditing!

    Biometric Security: Our Take on Apple's New Technology
    Sep 25, 2013

    Biometric Security: Our Take on Apple's New Technology

    In today's Whiteboard Wednesday, Patrick Hellen discusses the new biometric security features on the new iPhone 5S. Everybody is talking about how user friendly the new fingerprint scanner is but how is it from a security perspective? Watch this quick video to see what Patrick feels are the pros and cons of the new feature.

    Justifying Penetration Testing Budget
    Sep 18, 2013

    Justifying Penetration Testing Budget

    Today's Whiteboard Wednesday features Chris Kirsch, Rapid7's Product Marketing Manager for Metasploit, who will be talking about how you can effectively justify your penetration testing budget to your executive team.

    FISMA 101: A Guide to Achieving FISMA Compliance
    Sep 11, 2013

    FISMA 101: A Guide to Achieving FISMA Compliance

    In today's Whiteboard Wednesday, John Schimelpfenig will talk about FISMA compliance. John talks about what FISMA compliance is and how to achieve FISMA compliance through vulnerability management, continuous monitoring, and penetration testing.

    All About User-Based Risk
    Sep 04, 2013

    All About User-Based Risk

    This week's Whiteboard Wednesday is a primer on what user-based risk is and why it's important to trust but verify your users as part of an comprehensive security program. Jay Roxe explains in this video why the old perimeter-based concept of security is irrelevant in today's world of cloud apps and mobile devices, especially when the sophistication of social engineering attacks is on the rise.

    Key Learnings From the UNITED 2013 Conference
    Aug 28, 2013

    Key Learnings From the UNITED 2013 Conference

    In today's Whiteboard Wednesday, Patrick Hellen, our fearless community manager will discuss the key learnings from the UNITED 2013 conference. UNITED was our customer focused conference that took place in Boston last week. Learn about the major problems that security professionals have in their day to day jobs and learn about the new products that we have come out with to help solve these problems.

    How to Manage Your Security Control's Effectiveness
    Aug 21, 2013

    How to Manage Your Security Control's Effectiveness

    In today's Whiteboard Wednesday, Jane Man will discuss proper security controls effectiveness. She will talk about what it takes to assess your current security controls today and how to harden these control even more for security. She also talks about how you can go about choosing the most important security controls to assess.

    Penetration Testing for PCI Compliance
    Aug 14, 2013

    Penetration Testing for PCI Compliance

    In today's Whiteboard Wednesday, Chris Kirsch will talk about penetration testing for PCI compliance. If you are a company that accepts credit card payments, you have to comply with PCI. PCI compliance requires that you perform a penetration test at least once a year and after any significant infrastructure or application upgrade. Watch this video to learn more penetration testing for PCI compliance and download Metasploit Pro to get started!

    Egress Filtering and Firewall Testing with Metasploit MetaModules
    Aug 07, 2013

    Egress Filtering and Firewall Testing with Metasploit MetaModules

    In today's Whiteboard Wednesday, Chris Kirsch will talk about egress filtering and firewall testing with Metasploit's new MetaModules. The new MetaModules allow you to test individual security control quickly and easily making firewall testing and egress filtering simple.

    Different Types of Hackers and Their Motives
    Jul 31, 2013

    Different Types of Hackers and Their Motives

    In today's Whiteboard Wednesday, Chris Kirsch will talk about the different types of hackers and the motives behind their attacks. Learn more about the three major hacking groups and who they target. Chris will also help you understand which group of hackers you should be worried about the most.

    Security Controls Testing with Metasploit
    Jul 24, 2013

    Security Controls Testing with Metasploit

    In today's Whiteboard Wednesday, Chris Kirsch will talk about how you can audit your security controls with Metasploit. Chris will explain what security controls testing is and will give you examples around the controls that you can audit with Metasploit. He will also touch on why it is important to test individual controls rather than just including them in your regular penetration tests. Watch this video to learn more about security controls testing.

    Three Steps to Mobile Application Risk Management
    Jul 17, 2013

    Three Steps to Mobile Application Risk Management

    In today's Whiteboard Wednesday we will discuss mobile application risk management. Did you know that the average smart phone user has about 50 applications on their phone? Mobile applications can pose a threat to your corporate and personal data, especially if they are on a phone that is jailbroken or downloaded off of a non-trusted application store.

    7 Tips to Follow When Evaluating Security Tools
    Jul 10, 2013

    7 Tips to Follow When Evaluating Security Tools

    In today's Whiteboard Wednesday, Pia Flores gives you 7 tips to follow when evaluating security tools. Pia has been through thousands of evaluations with customers and these are the items she feels are most important to think about while assessing the tools that help protect your organization. Watch this quick video to learn more.

    Vulnerability Disclosure Tactics
    Jul 03, 2013

    Vulnerability Disclosure Tactics

    Watch this quick Whiteboard Wednesday video to learn all about different vulnerability disclosure tactics. Learn the differences between responsible, full, and reasonable disclosure and see why people use these different tactics. This video is presented by our Metasploit Framework who also talks about how Metasploit approaches vulnerability disclosure.

    The Conflict Between IT and Security Teams
    Jun 26, 2013

    The Conflict Between IT and Security Teams

    In today's Whiteboard Wednesday, Rachit Kumar talks about the conflict between IT and security teams when it comes to vulnerability remediation.

    Three Benefits to an Offensive Security Approach - Whiteboard Wednesday
    Jun 19, 2013

    Three Benefits to an Offensive Security Approach - Whiteboard Wednesday

    Offensive security is a proactive approach to protecting your network from outside attackers. Many times people throw up a firewall or install anti-virus and think that these security tools are going to protect you from data loss when in reality; these tools are not always working as advertised. Offensive security allows you to validate that the security measures you have in place in your environment are doing their jobs and protecting your data.

    PCI Compliance 101 - What is PCI Compliance, and How Do I Become PCI Compliant?
    Jun 12, 2013

    PCI Compliance 101 - What is PCI Compliance, and How Do I Become PCI Compliant?

    In this Whiteboard Wednesday, Ethan Goldstein explains what PCI is, how to become PCI compliant, and what you should look for in a vendor. Whether you are searching for a PCI approved scanning vendor or simply trying to answer the question, "What is PCI compliance?" Rapid7 can help! Watch this video to get started.

    Mobile Risk Management vs. Mobile Device Management - What's the Difference?
    Jun 05, 2013

    Mobile Risk Management vs. Mobile Device Management - What's the Difference?

    In today's Whiteboard Wednesday, Dirk Sigurdson discusses the differences between mobile risk management and mobile devices management when it comes to mobile security solutions.

    Vulnerability Validation with Metasploit
    May 29, 2013

    Vulnerability Validation with Metasploit

    In today's Whiteboard Wednesday, Joe Dubin talks about how you can get the most out of your security programs by integrating your vulnerability scanner with penetration testing software.

    Integrating Network Topology Software with Vulnerability and Exploit Data
    May 22, 2013

    Integrating Network Topology Software with Vulnerability and Exploit Data

    In today's Whiteboard Wednesday, Ethan Goldstein will talk about how you can make your security programs more efficient and increase the ROI of security software purchases by integrating network topology software with vulnerability and exploit data.

    What is Metasploit? Whiteboard Wednesday
    May 15, 2013

    What is Metasploit? Whiteboard Wednesday

    In today's Whiteboard Wednesday, Chris Kirsch explains what Metasploit is and how you can use this penetration testing software to protect your network. Chris will dive into each edition and explain what each has to offer. You will also learn how to install Metasploit and get up and running quickly. What is Metasploit? Let Chris tell you!

    How to Pitch Security Solutions to Your CIO
    May 08, 2013

    How to Pitch Security Solutions to Your CIO

    In today's Whiteboard Wednesday, Jay Leader, Rapid7's VP of IT and CIO will talk about the five questions you Need to Know the answer to before pitching security solutions to CIO's. If you struggle with finding the best way to communicate with your CIO/CISO about why a security solution is worth the money and implementation effort, this video is for you!

    Social Media Security Best Practices
    May 01, 2013

    Social Media Security Best Practices

    In today's Whiteboard Wednesday, John Schimelpfenig talks about social media security best practices. With the recent AP and Livingsocial hacks in April we thought that this would be a timely topic.

    Nexpose 5.6 - The Powerful New Features for Your Vulnerability Management Programs
    Apr 24, 2013

    Nexpose 5.6 - The Powerful New Features for Your Vulnerability Management Programs

    In today's Whiteboard Wednesday, Nate Crampton will talk about the latest features in the newest Nexpose 5.6 release that will take your vulnerability management programs to the next level.

    Mobilisafe Now Supports Office 365 - The Only MRM Solution To Do So
    Apr 17, 2013

    Mobilisafe Now Supports Office 365 - The Only MRM Solution To Do So

    In today's Whiteboard Wednesday we will talk about the integration between Mobilisafe and Microsoft Office 365. See how easy it is to deploy Mobilisafe throughout your business to give you much better insight into your BYOD security.

    Metasploit 4.6 - What's New in the Latest Metasploit Release?
    Apr 10, 2013

    Metasploit 4.6 - What's New in the Latest Metasploit Release?

    In today's Whiteboard Wednesday, Chris Kirsch talks about the latest Metasploit 4.6 release and all it has to offer. Here is a hint - Metasploit 4.6 is easier than ever to use! Whether you need to run a quick pen test, audit your web applications or conduct a phishing campaign, the new Metasploit 4.6 release makes it quick and easy to setup. It's like Wizardry or something!

    Top 3 Mobile Policies to Use with Mobilisafe
    Apr 03, 2013

    Top 3 Mobile Policies to Use with Mobilisafe

    In today's Whiteboard Wednesday, Dirk Sigurdson talks about the top 3 mobile policies that you should be using with Mobilisafe. With the BYOD trend rising, it is important that you put in place mobile policies that protect your organization from a data breach from mobile devices. Mobilisafe makes it easy for you to set rules and guidelines around mobile devices that connect with your exchange server. From requiring a password protected lock screen to making sure that the devices have the latest firmware update, you can set policies in Mobilisafe easily to ensure that all devices connecting to your network are protected. Watch this quick video to learn more!

    Unsecured Public Information in Amazon S3 Buckets - Are Your Buckets Leaking Data
    Mar 27, 2013

    Unsecured Public Information in Amazon S3 Buckets - Are Your Buckets Leaking Data?

    In today's Whiteboard Wednesday, Will Vandevanter talks about the Amazon S3 service and how a lot of people are misconfiguring their Amazon S3 buckets, leaving personal information exposed. Amazon S3 provides the ability to store and serve static content from Amazon's cloud. Files within S3 are then put into "buckets" which are accessible through a predictable URL.

    Metasploitable - Our Intentionally Vulnerable Machine
    Mar 20, 2013

    Metasploitable - Our Intentionally Vulnerable Machine

    In today's Whiteboard Wednesday, Chris Kirsch shows you how you can use Metasploitable, an intentionally vulnerable machine, for testing Metasploit. Chris tells you how to download, setup, and use Metasploitable for testing Metasploit before you start using Metasploit on your production servers.

    BackTrack is Now Kali Linux
    Mar 13, 2013

    Pen Testing Tools - BackTrack is now Kali Linux

    Today's Whiteboard Wednesday video features Metasploit Product Marketing Manager Chris Kirsch, who talks about one of the most well-known pen testing tools, Kali Linux—the next step in the evolution of BackTrack, a popular pen testing tool. Learn about all of the new features in this updated and renamed release, and how Metasploit now supports Kali Linux as an official platform.

    Abusing Windows Remote Management Service with Metasploit
    Mar 06, 2013

    Abusing Windows Remote Management Service with Metasploit

    In today's Whiteboard Wednesday, David Maloney talks about the Windows Remote Management Service. WinRM is a service designed to allow System Administrators to issue commands to remote machines. In this video, David discusses how Metasploit can identify these services and attack them, gaining unfettered access to machines, and doing so without being detected by Antivirus Solutions.

    EZ Mode Hacking with Metasploit
    Feb 27, 2013

    EZ Mode Hacking with Metasploit

    In this week's Whiteboard Wednesday, Rapid7 CSO HD Moore walks us through a simple pen testing trick that doesn't require use of exploits. This technique can be a useful tool in a social engineering campaign to measure users' security awareness.

    Mobile Security - A Day in the Life of an IT Manager
    Feb 13, 2013

    Mobile Security - A Day in the Life of an IT Manager

    In today's Whiteboard Wednesday, Saj Sahay and Giri Sreenivas do a little role play and discuss what it is really like to be an IT manager during the BYOD trend. Giri and Saj will provide you with more information around what BYOD is, how it effects your organization and what you can do to protect your company's information through mobile devices. Using a mobile risk management or mobile risk assessment software like Mobilisafe will allow you to track all of the devices that connect to your exchange server, see which devices are at risk, and even allows you to set policies that ensure that every device on your network meets the required security needs.

    Password Security Tips and Best Practices
    Feb 06, 2013

    Password Security Tips and Best Practices

    As our workforce grows increasingly mobile, it's more important than ever to make sure you secure your passwords to keep the data you access on your laptop, your cell phone-wherever-safe and sound. Rapid7 Community Manager Patrick Hellen shares some password security tips to make sure you keep your accounts uncompromised.

    Top 4 Mobile Device Security Concerns
    Jan 30, 2013

    Top 4 Mobile Device Security Concerns

    In today's Whiteboard Wednesday, Saj Sahay and Giri Sreenivas discuss the Bring Your Own Device (BYOD) trend and mobile device security in general. This video names the top mobile device security concerns associated with the popular "Bring Your Own Device" (BYOD) trend. Giri and Saj also discuss how you can mitigate mobile vulnerabilities so that company data cannot be accessed on your exchange servers. If BYOD and mobile device security is on your mind these days—as it is for most security professionals-you'll want to watch this video to learn more!

    Top 5 Challenges Securing Mobile Devices
    Jan 23, 2013

    Top 5 Challenges Securing Mobile Devices

    In today's Whiteboard Wednesday, Saj Sahay talks about the top 5 challenges in securing mobile devices. With the bring your own device (BYOD) trend growing, it is important to protect your employee's mobile devices and the exchange servers that access company data. Watch this quick video to learn how to secure your devices.

    Evading Anti-virus Detection with Metasploit
    Jan 16, 2013

    Evading Anti-virus Detection with Metasploit

    Organizations need to be able to understand and test their users' behavior without anti-virus programs stopping these tests in their tracks. A great way to explore that user behavior is by deploying social engineering programs during a pen test. In today's Whiteboard Wednesday, David Maloney explains several anti-virus evasion techniques you can employ for your Metasploit pen tests.

    Open Source Exploit Development
    Jan 09, 2013

    Open Source Exploit Development

    Today's Whiteboard Wednesday video is presented by Tod Beardsley who talks about open source exploit development. Learn how Metasploit was created and how the open source community is leveraged to make Metasploit so powerful.

    The Malware Lifecycle
    Jan 02, 2013

    The Malware Lifecycle

    This Whiteboard Wednesday features Mark Schloesser, who talks about the malware lifecycle. Mark explains what malware is, why malware is created and how you can prevent it. Since malware is involved in almost every data breach, it is important to know more about it and how you can protect yourself.

    Social Engineering Security and Phishing with Metasploit
    Dec 19, 2012

    Social Engineering Security and Phishing with Metasploit

    Today's Whiteboard Wednesday features Joe Dubin, Rapid7's Product Marketing Manager for Metasploit, who will be talking about social engineering security with Metasploit, specifically phishing.

    BrowserScan with HD Moore - Whiteboard Wednesday
    Dec 12, 2012

    BrowserScan with HD Moore - Whiteboard Wednesday

    Today's Whiteboard Wednesday features HD Moore who will talk about BrowserScan, Rapid7's latest free tool that checks for browser based risks.

    BYOD Security - Whiteboard Wednesday
    Dec 05, 2012

    BYOD Security - Whiteboard Wednesday

    Today's Whiteboard Wednesday features Giri Sreenivas, our VP and GM of Mobilisafe, here at Rapid7. Giri explains exactly what BYOD security is, how it came to be, and what BYOD security means in the context of ever-changing business needs. He'll also dive into what he sees as the future of BYOD security.

    7 Things We Are Thankful For This Holiday Season - Whiteboard Wednesday
    Nov 21, 2012

    7 Things We Are Thankful For This Holiday Season - Whiteboard Wednesday

    Today's Whiteboard Wednesday features seven of Rapid7's executives. With the holiday's right around the corner, the executive team wanted to give thanks to everyone out there who continues to support us at Rapid7.

    IPv6 Security - Why You Should Care About It
    Nov 07, 2012

    Gaining Credibility With IT Teams Via Pen Testing

    Today's Whiteboard Wednesday features Patrick Vitalone and John Greene, who will be talking about how you can gain credibility with IT teams by pen testing for risk validation.

    IPv6 Security - Why You Should Care About It
    Oct 31, 2012

    IPv6 Security - Why You Should Care About It

    Today's Whiteboard Wednesday features Bernd Leger, Rapid7's VP of Marketing, who will be talking about IPv6 security and why it is important to your security program. He goes over what IPv6 actually is, why it is relevant to the security world and next steps to protect IPv6 networks and devices.

    Rapid7 Acquires Mobilisafe - Whiteboard Wednesday
    Oct 10, 2012

    Rapid7 Acquires Mobilisafe - Whiteboard Wednesday

    Today's WhiteBoard Wednesday features Mike Tuchen, Rapid7's CEO, who will be talking about the acquisition of Mobilisafe and what it means to you.

    Risk Prioritization For Maximum Efficiency
    Oct 03, 2012

    Risk Prioritization For Maximum Efficiency

    In this video, Bernd Leger, VP of Marketing, shows you how to prioritize threats in your environments in order to become more efficient and proactive with your vulnerability management.

    What is Penetration Testing
    Sep 26, 2012

    What is Penetration Testing?

    In this video, Chris Kirsch, Product Marketing Manager of Metasploit, explains exactly what penetration testing is - and what it isn't. In addition, he reviews how you can use penetration testing tools to validate security risks in your environment.