Assessing the Maturity of your Security Program
Gain insight into programmatic security issues and plan your defenses based on the attacker mindset.
How to perfect your simulation exercises as the driver for setting your breach strategy.
After a decade of responding to incidents and helping customers recover from and increase their resilience against breaches, Rapid7's incident response team has a number of stories from the field that we're ready to share with you.
Penetration tests are a key part of assuring strong security, so naturally, security professionals are curious about how experienced pen testers manage this process - and what things you should address prior to a pen test. Some questions experienced pen testers often hear are 'how did you get in?' or 'what do you most commonly find?'. Join our experts to hear how to create your own penetration testing first aid kit - a tool of the elite offensive security pro.
This webcast will detail how we are changing the paradigm with Nexpose Now, including new easily customized, live updating dashboards that let you see the impact of new risk on your environment immediately.
Understand the steps an attacker must take in order to steal data. Stop them in their tracks before damage is done.
Managing your attack surface is crucial to the security of your network. Your goals need to be focusing on reducing the attack surface to improve defensive posture, and raise visibility enough that you can spot an attacker while they are still in the early phases of carrying out an attack.
Setting requirements, collecting, and analyzing information on threats to your network is hard - but all of that work is for nothing if you don't act on it. Turning threat intelligence into action requires a solid understanding of what your goals are, where your information comes from, and how you can apply it to meet your specific requirements.
IT security concepts such as vulnerability management, threat prevention, and defense-in-depth will not only raise your defensive walls, but make threat monitoring and response much more effective and efficient. Join Wade Woolwine and Jordan Rogers for a discussion on how and why organizations should be building effective approaches to incident detection and response.
Defense-in-depth is an essential part of an effective incident detection and response program. The key to making it successful is understanding your threat profile and organizational goals so that you can tailor your strategy around them.
With over 80 pages to wade through, Bob Rudis, Chief Data Scientist at Rapid7 and former author of the Verizon Data Breach Report, is sharing his perspective and providing some way points to help you navigate through this year's breach and incident map to better understand how the research impacts your organization.
Workstations are the biggest attack surface on most networks, and the easiest for attackers to compromise. Discover how to secure your system by reducing its surface of vulnerability and limiting the ability of a breach by attackers.
Are you confident in your ability to find danger amidst a flood of false alarms? Catching human attacks early starts with creating a security program that is relevant, actionable and sustainable.
The principle of Least Privilege forms the foundation of defense and protection by aiming to improve security through limiting assigned administrative rights. Providing employees the lowest level of user rights while not hindering productivity helps to reduce the surface area of attack. This should hold true for people, processes and devices. Join Caspian Kilkelly and Jordan Rogers for a discussion on how and why organizations should be implementing least privilege models.
Successful Incident detection and response programs must be built on top of effective components of your overall IT Security program. Understanding the impact of security awareness, identity management, attack surface management, and defense in depth against the effectiveness of your ability to detect and respond to threats is critical.
Incident Detection & Response is a growing challenge - security teams are often understaffed, the attack surface for intruders is expanding, and it's difficult to detect stealthy user-based attacks. To learn more about the initiatives, concerns, and solutions security teams are running today, we surveyed 270 security professionals. Join us to learn about the wealth of interesting findings on the state of incident detection and response today.
Defense-in-depth is a topic that has been discussed in the infosec world for the better part of the last 15 years. The reality is that very few organizations have successfully implemented these principles. When we speak to customers, we often find that the reason usually relates back to being so familiar with your intended architecture or business model that it's difficult to switch perspectives and build with an outsider's view as well.
Instead of focusing on the type of passwords end users typically pick, this data shows what passwords opportunistic scanners are using in order to test - and likely compromise - Internet connected point of sale systems, kiosks, and scamware-compromised desktop PCs which offer the Remote Desktop Protocol service for remote management.
Rapid7 InsightIDR uniquely combines behavior analytics and search with contextual data collection to detect some of the stealthiest attacks, reduces investigation time by as much as 10x, and empowers incident responders to contain an attack. This new solution from Rapid7 directly addresses the gaps found in most of today's detection technologies, including SIEMs and IPS devices. InsightIDR is the only fully integrated detection and investigation solution that helps you identify a compromise as it occurs and complete an investigation before things get out of control. Watch this on-demand webcast to learn how InsightIDR can help you cut through the noise to detect attacks, investigate incidents faster, and end the drudgery of security data management.
Though today's malicious attackers pursue a variety of goals - they share a preferred channel of attack - the millions of custom web, mobile and cloud applications companies deploy to serve their customers. Rapid7's AppSpider dynamically scans these applications for vulnerabilities across all modern technology - providing the tools that speed remediation and monitors your applications for changes. Watch this on-demand demo and learn how AppSpider can help you find your weak points, prioritize what matters most, and improve your position.
Watch as we use the number one penetration testing tool, Metasploit, to launch a phishing attack. Then we'll head over to the InsightUBA platform to not only identify the attack, but see the exact IPs, assets, and users compromised. We'll show you how to highlight malicious behavior from endpoint to cloud and provide the context needed to quickly validate threats.
It seems that every security program should be applying data science to detect attackers across the ecosystem. However, merely detecting anomalies leads to alert fatigue and long investigations to validate false positives. For this webcast, we'll share how Rapid7 combines our red team experience with security data analytics to reduce your attack surface and time to contain.
Do you feel that you have positive control of the assets in your environment? Does the potential of a breach keep you up at night? Are you ready to take your breach detection and response strategy to the next level? Breach detection and response capabilities are a key focus area for many companies this year - and for good reason. This continues to be a critical area to develop and bolster in order to maintain strong security at any organization.
The past year has taught us that breaches can happen to any organization whether you're a toy company or dating website, but it isn't the new 'celebrity' vulnerabilities that we're falling for - it's attacks like SQL injection that have been around for 10+ years. We need to get the security basics right and solve the problems of today before trying to predict what will happen in the future. The new year gives us an opportunity to take a fresh look at our security programs and set new goals, not just for our individual organizations, but collectively as an industry.
Organizations who are successful in applying threat intelligence to their IDR strategy view it as a process, not just a product. Leveraging threat intelligence as a critical component in breach prevention, detection, and investigation requires a clear understanding of what threat intelligence is, how and when it can be applied, and how it must be managed.
APIs are what connect the billions of Internet of Things (IoT) devices to the cloud where the data they collect is processed, crunched, and made useful. As great as APIs are for developers and end users, they have created some very serious challenges for security experts. All too often, APIs are going completely untested, leaving vulnerabilities undiscovered. Unfortunately, APIs carry the exact same security risks that we have been fighting with web applications for years.
Network Management Systems are widely used to manage and maintain corporate networks on a daily basis. Exploitation of these systems would allow a malicious actor to gain access to critical information and take control of vital assets within these organizations. Listen to researchers Deral Heiland and Matt Kienow as they discuss, dissect, and disclose vulnerabilities in popular Network Management Systems (NMS's).
Metasploit is very popular for penetration testing in the infosec community. The Metasploit framework is a community project that anyone can use for free - so you might ask yourself, 'Why would I pay for something I can get for free?' Upgrading to Metasploit Pro is a great investment - especially if you are new to penetration testing. There is a GUI to get you started, you have phone support if needed, and an expansive feature set.
Every year, the security industry shifts and grows in both expected and unexpected ways. Join us to hear from security experts as they discuss lessons learned from 2015, and what this means for security professionals and the whole industry in 2016.
Security experts believe that application security should be baked into the DevOps framework, but often times, it's tough to get started. In this discussion, we'll talk about specific strategies for partnering with developers and DevOps to build security into the software development lifecycle.
Vulnerabilities and exploits grab headlines, attention, and bounties, but it's the boring old compromised credential that makes the job of hacking possible and profitable for intruders on a daily basis. At Rapid7, we know this from both sides of the attack. Our security consultants run about 500 penetration tests a year and get in nearly 100% of the time in internal assessments. Our incident responders see real-life attacks on networks every day, following cyber-criminals and state actors with every step. What both of them, and many industry research reports agree on, is that there is one attack method that works nearly everywhere: compromised credentials.
Incident detection and response is a time consuming and complex task. To help organizations get it done right, Rapid7 is launching a new service to detect and respond to threats in customer environments. The service combines threat insight with sophisticated user and attacker behavior analytics and is monitored and managed by Rapid7's world-class security analysts. When a breach is identified with Analytic Response services, Rapid7 analysts quickly pivot to incident response, providing security teams with detailed, easy-to-follow remediation steps tailored to the customer's environment.
The Verizon Data Breach Report (DBIR) is arguably the best source of public information on trends on successful attacks - specifically data breaches. What you probably don't know about the DBIR is VERIS, the common language used to describe security incidents in a precise way. VERIS is an acronym: Vocabulary for Event Recording and Incident Sharing. We've all discussed incidents and breaches broadly, but to analyze events thoroughly (looking into successful detection and containment, or failures leading to compromise, etc.) we need a precise way to document them for meaningful analysis.
With the increasing variety of breaches and threat actors in the mainstream news, it can feel like attacks come from nowhere and are impossible to identify. Fortunately, attackers must follow a series of steps - an attack chain - in order to successfully exfiltrate your confidential data. In this webcast, we dove into each step of the attack chain, including infiltration, reconnaissance, lateral movement, and mission target, and how you can identify attacks earlier in the chain.
We know that good people are critical to an organization and even more so in security teams. Our industry is currently facing a significant skills shortage - and it's not going away anytime soon. Given how hard it is to hire good security staff, it's even more important that we develop, nurture and retain the ones we have. Also, how do we prepare for the future and train a new generation of security professionals?
Wearables. Smart homes. Connected cars. As technology becomes more pervasive and connected to the Internet, attackers are positioned to take advantage of our evolving digital lives. Watch this webcast to learn how to contend with Internet of Things from a security standpoint, as well as to get answers to more basic security questions that business leaders often need to know but are too afraid to ask.
Today's technology is changing the concept of where work is done. Mobile devices, laptops, and cloud services and applications mean you can work from anywhere - the home office, a local cafe, hotel rooms, and even on Wi-Fi connected airplanes. Today's workplace has fundamentally shifted outside the firewall and security teams need to balance productivity with security an expanding attack surface.
The major challenges to leading a cloud-first approach to information technology from a security perspective are disparate management of cloud services, cloud application security, visibility into user behavior beyond the perimeter, and user experience. Jeremy Langohr, IT Manager at Robarts Clinical Trials, built an infrastructure that leveraged Rapid7 and Okta solutions to address these challenges.
Modern digital businesses are exposed to attack across their networks, mobile deployments, web apps, and cloud data storehouses. What's more, this attack surface changes constantly as new employees, partners, contractors and technologies are deployed to meet the needs of your business. More than continually collecting data, you need ways to view it in the context of your business instantly, make informed decisions about what actions to take, and ensure you are improving your overall security posture - even as the threat landscape and your exposure to it evolves.
Phishing attacks are on the rise. Using stolen or weak credentials is the number 1 attack method for breaching a network. Human error is the most frequently seen security incident pattern (Verizon 2015 Data Breach Investigations Report). Providing effective security awareness and training for your employees can help reduce security risk and make users part of the solution, not the problem.
In order to keep up with demands from executives and challenges brought on by increasingly smarter attackers, security professionals must build and maintain a well-oiled security program. Without a strong set of automated security technologies, it's difficult to monitor and adapt to changes in your world as they happen and to keep your organization secure. An integrated infrastructure designed with adaptability in mind allows security professionals to put less time, less effort, and more confidence into their work.
Register for a preview of the new Nexpose look-and-feel and learn about exciting new features coming soon.
It's time for your security program to evolve with your company's strategic IT cloud initiatives. As Office 365 and other cloud services extend the security perimeter to the individual user, it's a challenge to identify intruders moving across your on-premise, cloud, and mobile sections of your network ecosystem. By using stolen credentials, the number one attack vector behind breaches, attackers are able to remain undetected for months. Detecting behaviors across on-premise and cloud applications is a promising approach to detect and investigate these new types of attacks.
Over the past two decades, computer abuse has become increasingly financially motivated. In this webcast, Nicolas Christin, Assistant Research Professor in Electrical and Computer Engineering at Carnegie Mellon University, discusses some of the main features of today's online crime ecosystem - and how it affects the day to day jobs of security professionals.
Do your neck hairs stand up when a user tells you that they clicked on a link in a 'weird email'? Phishing is the easiest way to compromise an organization, and it's a difficult one to protect against. It's important to have an incident detection and investigation plan in place to determine what steps the intruders took after compromising the user.
Government agencies used to be the top attack target, as well as the top source of threat intelligence. How did the private sector turn the tables, and what can government do to improve? Rapid7's Wade Woolwine, manager of Rapid7 Global Services, offers insight.
There is much discussion about how the 'IoT', or Internet of Things, increases our risk exposure in our homes - but how does this impact your business? Rapid7 security researchers, Mark Stanislav and Tod Beardsley, discuss how home consumer devices represent a threat to your organization, and the emerging implications for securing your network. Jumping off with ten new vulnerabilities found and disclosed in recent tests on video baby monitors, Mark and Tod talk about how even the most innocuous-looking consumer devices represent a broader business risk, and will discuss the cultural and policy changes required to mitigate it.
According to the SANS 2014 Critical Security Controls survey, security managers see moving to continuous security monitoring and vulnerability mitigation as the foundation for reducing breaches. While the value is clear, the obstacles to assessing vulnerabilities more frequently and more accurately have slowed adoption. However, many enterprises have invested in improved processes, more advanced security products and threat-driven prioritization approaches to show immediate and measurable increases in both the effectiveness and the efficiency of their security programs.
The upcoming EU General Data Protection Regulation (GDPR) is set to bring sweeping changes to how companies handle and protect personal data. Even though the penalties for non-compliance are huge, a recent survey revealed that over half of IT professionals stated that they're not ready for the GDPR. You may have heard terms like 'privacy by design' and 'data-centric security' associated with new rules. What do these really mean for you and your organisation?
As a follow up to 'Storming the breach part 1: Initial Infection Vector', Mike Scutt and Wade Woolwine, experts on the incident response team at Rapid7, got together again to discuss the evidence sources used to discover what activities attackers have performed after an initial breach.
Healthcare breaches are on the rise. Service providers face the challenge of securing a large amount of sensitive information about their patients - from financial and personal information to confidential medical records. Hear from a panel of security professionals in the healthcare industry as they exchange points of view on issues, opportunities, and challenges you may face every day.
Incident response is a hot topic among the SANS audience. In SANS' 2014 survey on Incident Response, only 9% of organizations felt their incident response processes were 'very effective,' yet the majority of respondents operated under the assumption that they will be breached. This two-part webcast will focus on what is and isn't working for incident responders, what they can do about it, and how they can become more proactive in responding to incidents.
We have understood application security for almost fifteen years now, so why is it still so hard? In today's world, applications, attacks, and attackers are changing faster than technology. What should you expect for your application security solutions and what are some of the strategies you can use to effectively update your program?
Penetration tests are a key part of assuring strong security, so naturally, security professionals are very curious about how this best practice goes down from the pen tester perspective - and what things you should address prior to a pen test. Some questions any experienced pen tester always gets asked are 'how did you get in?' or 'what do you most commonly find?'.
Is it possible to be successful in a vulnerability centric world? Once you have great vulnerability management data, what do you do with it? Watch this session to learn how to find and focus on your true vulnerabilities to build stronger security.
Gear up and join Rapid7's incident response team for part 1 of our 'Storming the Breach' series; a technical discussion on breach investigation methodologies.
You've seen it before. A boss or executive will tell you that security is non-negotiable at your company, and then will do something that would imply security isn't a priority at all. Later, they'll wonder how the last security incident could have happened. What on earth are they thinking? Most security people ask the question rhetorically, but should ask it literally.
After a year of highly publicized cyber-attacks, many organizations have placed new or heightened emphasis on their security programs and investments. But how can you tell if you're getting a return on those investments or making any progress if you don't know where you stand today or where you plan to go?
Vulnerability management has been around since the '90s and the market is mature, but it's still a problem that isn't solved. Security teams still have way too many vulnerabilities to remediate and need to prioritize what matters to the business in order to be effective. Many security professionals are caught being too tactical and not able to make progress at their organizations, especially as the IT environment changes and known vulnerabilities continue to rise in number.
Financial services institutions are charged with protecting highly valuable bank and personal information. They face a motivated and nimble adversary, using increasingly sophisticated methods. On top of this state, federal and international regulators are looking more closely at the industry. Financial organizations need a flexible and comprehensive security program to defend against emerging threats while meeting compliance requirements.
What is the first thing you would do after hearing of a breach at your organization? It's not okay to have zero plans in place in case this happens - but it is also an enormous undertaking to build out a comprehensive incident response program. So, if nothing else, do you know the top immediate steps you should be prepared to take in the event of a breach? Listen to guest speaker Rick Holland, Principal Analyst at Forrester Research, and Josh Feinblum, VP of Security at Rapid7 as they discuss the immediate steps you should take when a breach occurs.
Protecting web applications has never been more important. The 2015 Verizon Data Breach Investigations Report highlights that web application attacks remain the most frequent incident pattern in confirmed breaches and accounted for up to 35% of breaches in some industries. It's also estimated that nearly 50% of those incidents take months or longer to discover. See how Rapid7 AppSpider analyzes web applications for security vulnerabilities and maximizes organizations' ability to effectively reduce IT security risk.
Non-targeted, opportunistic, targeted, and insider are 4 threat types, or groupings, that have been understood by the security community at large for years. These groupings of threats are largely based on motivation, prevention, detectability, cost, and impact to those affected. On the defensive side, the concept of defense in depth where you secure the outer perimeter to prevent threats, monitor the interior perimeter for anomalous behavior, and apply tight restrictions to the most sensitive data and system has also been a proven approach to minimizing the impact of threats. Join Wade Woolwine and Mike Scutt from Rapid7's threat detection and incident response team to discuss how making threat groupings, the attack lifecycle, and defense in depth part of your overall security program planning can help you apply your resources in a way to maximize prevention, detection, and response for a more effective ROI.
The threat landscape is ever-evolving, and adversaries are often faster than the defenders trying to protect against attacks. In the past 12 months, celebrity vulnerabilities like Heartbleed, Shellshock, Poodle, and Freak have dominated not just security news, but business news as a whole. These vulnerabilities have brought back the 'F' in FUD, and stakeholders quickly turn to security teams to find out if they are vulnerable. Join Kevin Beaver, Sarah Highcove, and Nate Crampton as they discuss what security professionals need to do to be prepared and maintain an effective security program in the face of the rapidly changing threat landscape.
It's here - the 2015 Verizon Data Breach Investigations Report. If you are like most security pros, you want to know the most critical takeaways and action items for you from this year's report. Well, you are in luck! Rapid7 will be hosting a webcast this Friday 4/17 at 11am on the top takeaways from the Verizon DBIR.
According to the Verizon 2015 PCI Compliance report, the requirement that covers penetration testing was the only area where compliance was lower than the previous year. With new penetration testing requirements coming into effect from July 2015, the PCI council has updated their penetration testing information supplement to provide organizations much needed guidance. Join Wim Remes, co-developer of the Penetration Testing Execution Standard (PTES), to hear about the key takeaways from the updated guidance.
Conducting a penetration test on your own network to uncover weaknesses is considered security best practice and required for compliance standards such as PCI DSS. There are now lots of pen testing vendors worldwide - all claiming to offer high quality penetration testing services. So, how do you determine which vendor offers the right services for your organization? Join us to learn about the 7 questions you should be asking any potential penetration testing vendor.
Limiting and tracking user access to credit card data is a key compliance requirement for retailers, as well as being critical to ensuring the trust of their customers. However, automating and measuring your compliance with these requirements can be tricky business. In addition, the second set of requirements for PCI DSS 3.0 will become effective July 1, 2015 and the PCI Council has recently announced that version 3.1 is coming soon.
For too long, attackers have been one step (or leaps) ahead of security teams. They study existing security solutions in the market and identify gaps they can use to their advantage. They use attack methods that are low cost and high return, like stolen credentials and phishing, that more often than not work. They bank on security teams being too overwhelmed by security alerts to be able to sift through the noise to detect their presence. We believe it is time for security professionals to turn the tables on the attackers and use what we know about attacker behavior against them.
Incident preparedness is an extensive process that involves identifying and documenting information about your business, assets, exposure, communications, and more. Key contributors need to be chosen and educated, and threat simulation exercises should be planned and executed - and this is all before anything has gone wrong! Join us to learn about all of the moving parts involved in incident preparedness and response.
It's time to rethink our approach to security. The majority of security programs have a plan in place to prevent intruders from getting into the network - but those solutions aren't working. We need to start detecting intruders when they get past defenses and are on the inside. Watch this on-demand webcast to hear Rick Holland and Chris Kirsch talk about new ways to leverage intruder analytics on top of existing monitoring solutions to detect intruders early, reduce the false positive rate, and simplify incident investigations.
Penetration testing can often be tiresome and time-consuming work, but it doesn't have to be. The Metasploit team and users alike have figured out how to automate seemingly staggering tasks to make the most of their time. Product features like Metamodules, credentials management, simplified reporting, and more, help pen testing professionals get their jobs done quickly and right. Watch this on-demand webcast to hear from our pen testers about their experiences and challenges.
Over the past 14 months, retail has been the industry hardest hit by cyber-attacks. Understandably, this has impacted security's role in the organization and raised a lot of questions that still need to be answered. How can retailers balance a security program focused on preventing attacks with the demands of PCI DSS compliance? What do they need to do to protect their organization in a constantly changing threat landscape? And will new technologies like EMV mean the end of payment card data breaches? Watch this webcast to learn more.
The security industry saw a lot of high-profile breaches (eBay, Home Depot, JP Morgan, Sony, Target) and celebrity vulnerabilities (Heartbleed, Shellshock, POODLE, Sandworm) in 2014. How do we learn from the major security events of 2014 and ensure we are implementing best practices to stay out of the headlines and create a more secure 2015? Now's the time to figure out our 2015 Security New Year's resolutions.
According to the Verizon 2014 Data Breach Investigations Report (DBIR), 'attackers often gain access using the simplest attack methods, ones that you could guard against simply with a well-configured IT environment'. There are many highly regarded security controls best practices that provide guidance for implementing an effective defense, including the Council on CyberSecurity Critical Security Controls, the Australian Signals Directorate Top 35 Mitigation Strategies, and the Verizon 2014 DBIR. Adding up all the recommendations in these best practices gives hundreds of controls that security teams should be looking at. So where do you start?
Do you think you have everything covered and accounted for? Now is the chance to find out what your peers are planning for in 2015. After having reviewed many security environments, our Strategic Services expert panel will share what tactics and strategies World-Class organizations plan to implement in 2015.
It is the last leg of the race - all organizations subject to PCI DSS requirements need to be fully compliant with the 3.0 standards by January 1, 2015*, just over 1 month from now! Now is the time to make sure your organization is going to be PCI 3.0 compliant and prepared for your audit when the time comes.
Despite bold claims and billions of dollars invested, legacy protections like traditional and next-generation firewalls, intrusion prevention systems, anti-virus, and Web gateways no longer stop advanced malware or targeted APT attacks. These systems rely too heavily on signatures, known patterns of misbehavior, and reputation to be effective at accurately identifying and blocking advanced targeted attacks. This leaves a gaping hole in network defenses that remain vulnerable to today's new breed of cyber-attacks.
It is not a fair game: Attackers need less than a day to get their job done but incident responders currently need more than a month to detect, investigate, and contain an attack. As an industry, we need to find ways to shave days, hours, and minutes off our process to tip the game in our favor. In this free webcast for incident responders, we will focus on how you can greatly accelerate incident investigation with Rapid7 InsightUBA - at a time when every minute counts.
For Cyber Security Awareness month this year, we have been focusing on how security professionals can communicate with their executive leadership more effectively by explaining security in their terms. Given the number of high profile breaches in the past year, the C-suite and Boards of Directors are paying closer attention to cyber security and the potential business risk in terms of liability, loss of reputation, and revenue impact. Alignment with leadership is crucial for building security into your business planning to minimize risk to your organization. Join our panel of security experts as they reflect on and dig into learnings from the past month.
In this webcast Damian Finol of Rapid7 and Jack Marsal of ForeScout will discuss the importance of continuous monitoring, why traditional tools aren't always the best tools, and how Rapid7 and ForeScout work together to ensure your security monitoring needs are covered.
Many organizations must now detect compromised credentials and risky user behavior, a difficult goal in this age of 'everywhere access.' The growing use of cloud services and mobile devices increases the vulnerability of organizations to attacks that rely on deceiving users and staying under the radar of monitoring systems. This webcast includes a functional review of Rapid7 InsightUBA to detect and investigate real-world attempts to compromise user credentials and determine risky user behavior. Detection and investigation across on-premise, cloud and mobile environments are highlighted, along with discussions of ease of use, speed to detect and investigate, and report types. Watch this webcast today.
The Shellshock vulnerability is all over the headlines, and rightly so - it is rated the maximum CVSS score of 10 for impact and ease of exploitability. Watch this webcast with Tod Beardsley, Manager of Metasploit Framework to learn all about this vulnerability and what you should be doing to protect your organization from it.
Every organization is at risk of a cyber-attack, and it's not really a matter of "if", but "when". We've seen high-profile stories of data breaches, denial of service attacks, and other major incidents. So how do you ensure your organization is not the next headline? In this on-demand webcast we'll explore that question and so much more with two of the leading security experts: Gartner analyst Anton Chuvakin and Jay Roxe, director of product marketing at Rapid7.
In this technical presentation for incident responders and other security professionals, we will discuss how compromised credentials are a key predatory weapon in the attacker's arsenal. This isn't changing in the foreseeable future. We will systematically explore why they can be prevented but never cut off completely, and how to leverage this knowledge in detection. We will discuss indicators of compromise (IoCs) for Pass-the-Hash (PtH) attacks in depth, while detailing more efficient detection techniques focused on misused, "donated", or otherwise compromised credentials.
The benefits of making the changes that lead to better detection and smarter response include lower personal and business risk. Learn how to use your new capabilities to reduce risk, improve security, and demonstrate value to the business.
Security controls are a topic with far reaching implications, but, with a rigorously deployed and comprehensive controls program, organizations can realize significant risk reduction. SANS.org and the Australian Signals Directorate (ASD), along with others, promote a slightly different twist on the relative weighting and criticality of security controls. Watch this webcast to learn about security controls best practices, and the controls that matter most in your environment.
Once the decision to seek out and remove unwelcomed guests - especially those using compromised credentials - is made, focus turns to building the right program to prevent & detect party crashers. Find out the right blend of expertise and focus required to drive rapid, successful results. Engage in the 4th segment with Michael Santarcangelo of Security Catalyst to explore how recent changes make quick results possible, and what you need to do to build or choose the right solution for you.
Credentials have become the number one attack methodology, according to the Verizon Data Breach Investigations Report. Mirroring the increased use of stolen credentials by attackers, 59% of penetration testers focus more than half of their security assessments on credentials versus exploits, according to a 2014 survey. The biggest challenge often rests in effectively managing the large number of passwords, hashes, and SSH keys. Watch this on-demand webcast to learn the trends that cause attackers to increasingly use credentials and learn how you can use Metasploit Pro to simulate credential abuse.
A lot of efforts in security feel like priorities. After all, we're focused on preventing bad things from happening - it's important! The challenge - and the key to success - is the ability to apply the right focus and get the buy-in necessary to act now to identify those crashing the party among your user base. In our 3rd installment of Party Crashers, Michael Santarcangelo of Security Catalyst will explain the importance of acting now to detect compromised credentials, and what you risk by waiting.
Attackers pivoted. We need to adapt. With an understanding of their motivations and methods, we are able to consider our own. Our path starts with a shift in mindset and a change in tactics - specifically what to look for in our network and how to respond. Join Michael Santarcangelo of Security Catalyst for the second part of the summer series
Security issues keep many of us from sleeping at night, and security professionals in healthcare environments have even more unique challenges than most. This webcast will take a look at these issues from the eyes of a penetration tester and medical device security researcher. Jay Radcliffe, Senior Security Researcher at Rapid7, has spent the last three years wading through the security minefield of healthcare, from small clinics to working with the FDA and FTC on regulation reform. Being able to identify where the problems exist and what actions you can take to contain them will be the remedy to your security related insomnia.
Attackers change their methods to follow the path of least resistance. The growing trend, confirmed by the latest Verizon Data Breach Investigations Report, is the preference to use compromised credentials - allowing attackers to look like welcome guests. Understanding current attack methods is the first step to making the adjustments needed for a successful security program. Watch the first session of the summer series, "Party Crashers," hosted by Michael Santarcangelo of Security Catalyst. We'll explore and discuss the attacker mindset and what it means for security professionals.
Incident investigation puts your security team to the test: how quickly can you determine if an alert is real or a false alarm? How long would it take you to determine the extent of an attack, which users are affected, and what assets were involved? And, would you be able to decide on an effective course of action for containment? 86% of security professionals think that incident investigation is too lengthy a process. Watch this webcast to learn how to significantly speed up this process.
Humans have become the easiest way to breach an organization. In the past year, phishing rose from number 8 to number 3 in the most frequent threat actions rankings according to the latest Verizon Data Breach Investigations Report. Security professionals responsible for securing their corporate environment must have an action plan to prevent, detect, and respond to these types of attacks. Watch this webcast to learn how to prevent, detect, and respond to phishing attacks.
PCI DSS 3.0 deadlines come closer by the day - do you have plans in place to make sure you will be compliant? Performing a gap analysis is a great way to identify the areas in your current security and compliance programs that need to be enhanced. However, becoming compliant with so many requirements is not always straightforward - there are many factors to consider and it is very time-consuming. In this webcast you will learn how to start your journey by performing your own gap analysis against PCI DSS 3.0 and outlining where to begin when creating an action plan.
Penetration testers will need to pay more attention to productivity if they want to survive in today's landscape: Job prospects have never been better in IT security. It's already hard to hire qualified security professionals. Forrester just announced that 46% of companies are planning to spend more on network security. PCI 3.0 increases the demand and duration of penetration tests for companies that handle credit card data. All of these trends put pressure on penetration testers to work ever more efficiently to get the work done. In this webcast, Chris Kirsch outlines ways to save time with Metasploit Pro when conducting a penetration test. The webcast includes a demo.
Attackers are constantly changing their attack patterns, and a big part of a security professional's job is just keeping up with the latest trends and defending against them. In this webcast for IT security professionals, you'll get a summary of the most significant findings from the Verizon Data Breach Investigations Report with commentary from our speakers based on unique insight into the attacker mindset.
According to the latest Verizon Data Breach Investigations Report, user-based attacks are the most common attack vector. Security professionals must find efficient ways to protect against, investigate and respond to these new types of attacks. Through its Metasploit penetration testing solution, Rapid7 has a unique perspective of how attackers break into and infiltrate networks, which is highly valuable in defending against attacks. Join us to learn how you can better protect your organization from user-based attacks and also understand and investigate malicious activity.
Many organizations in the private and public sectors feel trapped by noise in the security space and don't have direction on the best way to proceed with security programs or, for many, how to even get started. Because of this, there is a directive to create a Cybersecurity Framework that will improve alignment between federal and commercial industries, and better enable organizations to inform and prioritize decisions about cybersecurity. Watch this webcast to learn 5 steps you can use to enhance your risk management program.
Did you know that a stolen medical record sells for over ten times more than a stolen credit card number? While retail breaches receive a lot of press coverage, attacks on healthcare institutions create more long-term challenges for consumers by putting medical devices, patient records, and health insurance data at risk. Watch this in-depth webcast with John Halamka, CIO of Beth Israel Deaconess Medical Center and a thought leader in the privacy space, and a Rapid7 Healthcare Security expert, Christopher Ream, as they discuss the unique and complex issues faced by security professionals in healthcare.
Vulnerabilities have been around for as long as computer technology has been in use. With the increase in breaches over the past few years, it's clear that the exploits that take advantage of these vulnerabilities are not going away anytime soon. Vulnerabilities continue to be found - and the various methods attackers use to exploit them continue to evolve. An effective vulnerability management program can help protect your sensitive data and assets. Watch this on-demand webcast to learn how to keep up with the ever-changing vulnerability and exploit landscape and protect your organization from nimble attackers.
It is no secret that compromised users are involved in the majority (76%) of all attacks. And now with the Heartbleed OpenSSL vulnerability, chances are higher than ever that user accounts will be exploited by attackers trying to enter an organization's network. Just because users are an unpredictable variable in your network doesn't mean that security and incident detection and investigation are impossible.
We are all sick of Heartbleed. It feels like the info sec song that wore out its welcome on the local radio station. By now, the vast majority of external facing systems and services have been inventoried and patched. Some, more reluctantly than others, have ordered new certificates, generated and pushed new SSL keys. Now that's all done, we are building post mortem reports for executive management teams and boards, reflecting on our response to Heartbleed, and iterating and improving in preparation for the next incident.
Many systems and environments saw usernames and passwords leaked by the Heartbleed attack. Love 'em or hate 'em, we know that users re-use passwords. Unlike major site compromises, password dumps, and public compromise notifications, very few organizations out there know whether or not their systems were hit, or what information was lost. Watch this webcast to learn how you can shorten Heartbleed's long tail impact within your organization.
Malicious attackers use custom payloads to evade anti-virus solutions. Because traditional Metasploit Framework payloads are open source and well known to AV vendors, they are often quarantined by AV solutions when conducting a penetration test, significantly delaying an engagement or even stopping a successful intrusion, giving the organization a false sense of security. Penetration testers must therefore have the ability to evade AV solutions to simulate realistic attacks. In this webcast, David Maloney will demonstrate a new AV evasion technique in Metasploit Pro that evades detection in more than 90% of cases and has the ability to evade all ten leading anti-virus solutions.
The OpenSSL Heartbleed vulnerability rocked the world of security professionals. The task of securing your organization from this single vulnerability can seem overwhelming. In this webcast, security strategist Trey Ford and security researcher Mark Schloesser will help you understand how the vulnerability is exploited, discuss the impact it has on the system, explain how to detect if you are vulnerable, and discuss the best way to develop a strategy to secure your environment.
All assets are not created equal - and they should not be treated the same way. Security professionals know the secret to running an effective risk management program is providing business context to risk. However, it's easier said than done. Every organization is unique: all have different combinations of systems, users, business models, compliance requirements, and vulnerabilities. Many security products tell you what risk you should focus on first, but don't take into account the unique makeup and priorities of each organization. With the new Rapid7 RealContext, Nexpose solves these problems for you by allowing you to focus on what matters to your specific business quickly, efficiently, and effectively. Join this webcast to see how RealContext will improve your productivity and reduce the highest risks to your organization.
The PCI Council has updated many requirements for PCI DSS 3.0, most notably those for penetration testing. In this webcast for information security professionals responsible for PCI compliance, Chris Kirsch walks the audience through existing and new requirements, and what to watch out for.
Small businesses don't have a big budget for security tools. They often don't even have the staff or in-house skills to run the security program they need to protect their network. For small businesses, most security tools are either too expensive or require too much manual work on the part of the administrator. But, these businesses are still vulnerable to attacks. Regardless of the industry, it's merely a matter of time before an attacker targets any given company, whether the organization is aware of it or not. So, even small businesses like yours need to worry about security and possible attacks that will impact them. Watch this webcast to learn the 5 key steps your small business should take to protect against cyber-attacks.
10 years and 3 versions later, organizations still struggle to become PCI compliant. As seen in recent news, even those that try to be compliant are getting breached. PCI DSS is a set of security best practices designed to help protect organizations from cyber-attacks - so why is it that as more organizations become compliant, more data is getting stolen? Unfortunately, by reading the PCI DSS guidelines by the letter of the law you can become compliant and still not have a solid security program. The intent behind the requirements is what really matters for security. Watch this webcast to learn how to read between the lines to understand the true security purpose of each PCI guideline so that compliance finally equals security.
Vulnerabilities have been around for as long as computer technology has been in use. With the increase in breaches over the past few years, it's clear that the exploits that take advantage of these vulnerabilities aren't going away anytime soon. Vulnerabilities continue to be found - and the various methods attackers use to exploit them continue to evolve. Watch this webcast to learn how to keep up with the ever-changing vulnerability and exploit landscape and protect your organization from nimble attackers.
Attackers are out there, looking for targets to test their skills on for financial gain, political motivations, or even just for entertainment. How do these attackers target your assets, enter your environment, then escape with the jewels all while leaving little trace of their presence? Watch this on-demand webcast to learn about the Advanced Persistent Threat model and how dangerous attackers do their work.
Deception-based attacks impose a dangerous and growing risk to organizations. These kinds of attacks are inherently difficult to detect because they are designed to be stealthy, clever, and targeted - especially for the untrained eye. Watch this webcast to explore this topic further.
Metasploit Pro is more than just a pretty web interface for Metasploit; it contains many little known features that simplify large scale network penetration tests. In this technical webinar for penetration testers who are familiar with Metasploit Framework, David Maloney shows which features he finds most useful in Metasploit Pro.
Cyber-attack sophistication levels are increasing every day. Users have become the entry point of choice and are sometimes the attackers themselves. Yet, most security solutions are still focused solely on IP addresses and do not extend visibility to public clouds, making identifying and investigating critical incidents challenging. How can you efficiently discover, investigate and stop new incidents before you're in trouble? Watch this on-demand webcast to find out.
In this technical webinar for penetration testers, Dave Hartley aka @nmonkee presents a brief overview of how the recent SAP modules he contributed to the Metasploit Framework can be used to go from Zero to Hero and achieve SAPpwnstar status when assessing or encountering SAP systems during engagements. The webcast will provide a very high level overview of common SAP system vulnerabilities and misconfigurations as well as demonstrate how the Metasploit Framework can be leveraged to quickly and easily exploit and compromise misconfigured/vulnerable SAP systems.
It is a tough series of facts: Your users are using passwords that get compromised in the megabreaches, putting corporate data at risk by using unapproved cloud services, and falling for phishing attacks. Users are the largest risk to your data security, but your existing tools may be focused within the firewall and failing to secure user activity across on-premise, cloud and mobile environments. Watch this on-demand webcast presented by John Kindervag, principal analyst at Forrester Research, and Jay Roxe, Sr. Director of Products at Rapid7, for a wide-ranging discussion of best practices to secure user data in your environment.
In this webinar, Chris Hadnagy will talk about how to write effective social engineering emails both for phishing campaigns as part of a penetration test and for simulated phishing campaigns to measure awareness.
In this technical webinar for penetration testers, Metasploit developers and security researchers Tod Beardsley and Juan Vazquez from the Metasploit team, give an introduction to SAP for penetration testers. The webcast introduces viewers to the most important components of SAP and gives an overview of Metasploit modules for SAP provided by community contributors. This webinar includes a demo.
How many of your employees are using Dropbox - or other cloud applications? What if one of your key admins who recently failed your phishing test is suddenly logging in to your network from China? Today's workplace has fundamentally shifted outside the firewall, and outside of the control of IT, as users choose their own cloud services, mobile devices and social networks. These trends result in increased risk but also productivity - and they are unstoppable. Watch this on-demand webcast to learn more!
The latest changes to PCI DSS 3.0 involve clarifications, additional guidance, evolving requirements, better documentation and scoping, and importantly - necessary action from IT and security teams. Watch this on-demand PCI webinar to get the "must know" details about PCI DSS 3.0 from one of the original authors of PCI DSS 1.0.
In this technical webinar for security professionals, Chris Kirsch discusses how vulnerability validation can be leveraged to reduce the overall cost of a vulnerability management program, increase credibility with the IT operations team, and shows how Rapid7 solutions can be used for a closed-loop vulnerability validation. The webinar includes a demo.
With the goal of vulnerability management to reduce risk, identifying the real threats and remediating now is absolutely critical. And with security teams under increasing time and resource pressure, being inundated with lists of vulnerabilities and reams of reports from a vulnerability scanner does not help. It is important to understand the different vulnerability scanning techniques and how they fit into your vulnerability management program, as well as what you need to transform scanning into prioritized, fast remediation. Watch this on demand webcast presented by Scott Erven, CISSP & Information Security Manager at Essentia Health, and Nate Crampton, Product Marketing Manager at Rapid7 to learn how to establish a strong and effective vulnerability management program.
In the 2013 Gartner CIO Agenda Report, over 2,000 CIOs were asked to rank their top technology priorities for 2013. Security was ranked at number 9 and, surprisingly, has remained static at this priority level for the past 5 annual surveys. Given that recent studies estimate that cyber-attacks are costing the U.S. economy 100 billion dollars annually, why is security not a higher priority for CIOs?
Mobile apps are everywhere - with more than 100 billion mobile apps downloaded since 2008, it is no wonder that 4 out of every 5 minutes we spend on mobile devices is on an app. Attackers aiming to steal company data are well aware of this trend, with 97% of malware on Android smartphones coming from apps downloaded through third-party app stores. These apps are usually loaded with malicious functions that can expose the user and their company to severe risk. Watch this on-demand webinar to learn a process for identifying and managing the risks from apps being used on BYOD devices in your organization.
For many security practitioners, prioritizing your security efforts and aligning to best practices can be a daunting task. How do you approach it? What tools do you use? And how do you know if the controls you have in place will really keep you safe from an attack? Join SANS Director of Emerging Trends, John Pescatore and Matt Hathaway, Senior Product Manager at Rapid7 as they explore the SANS Top 20 Critical Controls and how you can use them to develop your security program.
Healthcare organizations are constantly developing and deploying new technologies and applications to help healthcare professionals treat patients and share information more effectively. Overall, application, vulnerability, and threat visibility is critical to deploying and managing a more secure application development process in this environment. Watch this on-demand webcast presented by David Bressler, Senior Security Consultant at GuidePoint Security, and Ethan Goldstein, Security Engineer at Rapid7, to learn what steps security professionals in the healthcare industry need to take to manage their environment fearlessly and efficiently.
In this on-demand webinar for CISOs and IT security managers, Chris Kirsch outlines some of the concepts for building a successful vulnerability management program. After identifying four of the most common issues with vulnerability management programs, he outlines solutions for prioritizing vulnerabilities to fix, overcoming political obstacles in the organization, and building a successful relationship with other parts of the IT organization.
While the majority of consumer press is focused on the new aesthetic features of iOS7, there are many important security reasons to update Apple devices to this new version. From fixing the large number of vulnerabilities in iOS6, to enabling the new "Activation Lock" feature to combat smartphone theft, Apple has made significant security upgrades in this latest release. Please join Dirk Sigurdson, Director of Engineering at Rapid7, for a detailed explanation of these key enhancements. Dirk will also provide his expert advice on how best to ensure all users in an organization update their devices in a timely manner.
Effective security programs are managed as a continuous process that requires a strong partnership between security and the business. While most organizations understand this, they still struggle to stay aligned due to differing views on priorities and investments, in part due to a lack of common set of metrics for measuring success. Join Jane Man, Product Marketing Manager at Rapid7 for a webcast that will explore this topic in detail, and give participants a framework for how they can structure their security organization and build a common set of metrics for success.
In this webinar for security professionals, Chris Hadnagy will talk about phishing attacks on major companies and how to detect them. Chris Hadnagy, aka loganWHD, has been involved with computers and technology for over 15 years. In the second part of the webinar, Chris Kirsch, a member of the Metasploit team at Rapid7, will provide a quick overview of how you can use Metasploit Pro to measure the security awareness of your users by sending out simulated phishing attacks and training users that fall for them.
Phishing has consistently been the initial attack point in major breaches, and many organizations are not aware of how much more they could be doing to protect themselves, particularly through user education. Rapid7 conducted a survey across 600 organizations to find out what measures organizations have been taking to combat user-based risk, and more importantly, where people are commonly failing to act. Register for this webcast to learn what security professionals can be doing for better user-based protection, and how others approach user-based risk.
There are many challenges organizations face before achieving compliance. You might wonder - how can I check to make sure my systems are configured based upon the regulatory requirements? Which vulnerabilities matter for remediation for regulatory compliance? What is the best way to remediate vulnerabilities to be compliant? How can I scan an isolated network without going through loopholes? Join this webcast with Ryan Poppa, Product Manager, and John Schimelpfenig, Federal Account Manager, to learn how vulnerability management and penetration testing solutions will enable you to be FISMA compliant.
Are the machines in your organization updated with the latest operating system patches? Are users required to have strong passwords that expire periodically? Do you know if the security measures in place at your organization are keeping you as protected as possible? You might wonder if you are taking the right steps to having strong endpoint security, and how you stack up against your peers. Good news! Rapid7 conducted a survey across 600 organizations to find out just how secure endpoint security is. Watch this on demand webcast to learn which security measures most professionals are ignoring and embracing, and whether they are making the right choices. You'll also learn the findings from the Rapid7 research on endpoint security, as well as recommendations for best practices in endpoint security.
Forrester Research reported in 2011 that 59% of companies support employee-owned smartphones in various ways, and while the bring your own device (BYOD) trend in the workplace continues to rise, organizations are faced with the need to create and enforce mobile policies to ensure that company data on employees' mobile devices is secure. The question remains - how strong are organizations' mobile security policies? To find out, Rapid7 surveyed 600 IT professionals about the use of mobile devices in their workplace and the security protocols in place to protect against data breaches.
With the Bring Your Own Device (BYOD) trend accelerating across most organizations, and employees downloading apps for both personal and professional use without much regard for corporate security, apps have now become the critical vehicle for cybercriminals to penetrate an organization and gain access to confidential company data. Every IT Security department now needs to incorporate mobile apps into their overall security planning. This 30-minute, on-demand webinar on mobile apps and their security risks will explain the different types of apps available and their associated security risk, examples of malicious apps, and a simple framework to protect against mobile app risks.
Many security testing techniques are either based on clunky tools or require custom development, making them expensive to use. To accelerate this testing, MetaModules automate common yet complicated security tests, providing under-resourced security departments and penetration testers a more efficient way to get the job done. In this webinar for IT security professionals, Christian Kirsch and Joe Dubin will introduce the new Metasploit Pro MetaModules, a unique new way to simplify and operationalize security testing.
The integration between Rapid7 and Sourcefire will help increase the amount of contextual data available to the security analyst. The Sourcefire IPS can determine if a host is vulnerable and can in turn adapt the security protocols accordingly. The increased information provided from the Rapid7 Nexpose vulnerability scanner will allow the Sourcefire IPS to reduce the number of security events at the sensor level and self-tune the protection to optimize its alerting and blocking. Watch this on-demand webcast to learn more about the efficiency gained when integrating Rapid7 products with Sourcefire.
With about 80% of companies embracing BYOD or Bring Your Own Device, mobile security is now a top priority at most companies. Watch this 30-minute live webcast where we will talk about the recent research we have performed to find the top 7 mobile security threats. You will also come away with mitigation tactics for each threat.
There are so many vulnerabilities constantly appearing that it is daunting for security professionals to decide which ones should be tackled first. How do you decide which vulnerabilities really matter? Are you focusing on vulnerabilities that can actually be exploited and do not have compensating controls in place? Watch this on-demand webcast to learn how solutions like Nexpose for vulnerability management and Metasploit for vulnerability verification work together to help prioritize vulnerabilities that put your organization at risk and help you get buy-in from IT on urgent security issues.
As mobile devices become more common, cybercriminals see them as having huge profit potential, and aim to gain access to a user's confidential personal and financial information. Mobile applications are the primary way users access information via mobile devices, and as a result the majority of mobile malware is embedded in applications that, once downloaded on the device, can gain access to this valuable information. But creating policies and understanding the risk of mobile malware can often be easier said than done. Join Saj Sahay, Senior Product Marketing Director at Rapid7, for an interactive webcast where Saj discusses the mobile malware landscape and how organizations can limit their risk.
Do you struggle with finding the best way to communicate with your CIO/CISO about why a security solution is worth the money and implementation effort for your company? The hardest part of the process when buying a new product is often getting your boss to sign on and understand why the purchase is important. In this webinar you will hear straight from the horse's (boss's!) mouth as the CIO of Rapid7, Jay Leader, details the 5 questions you should be able to answer before approaching your boss in order to explain your solution choice effectively.
The standards and frameworks for risk management are always changing, so it can be a daunting task to keep up, all while keeping your organization safe from a breach. If you are looking for ways to better understand and improve your security posture, watch this free webcast with Charles Kolodgy of IDC Research and Jay Roxe, Sr. Director of Product Marketing at Rapid7. They will discuss today's risk management landscape, critical controls you need to have in place, and how and what to show your executives on a regular basis to demonstrate the impact of your security program.
When you work with your IT team, do you provide them with large reports that often contain irrelevant information? Do you have trouble determining which remediation steps are going to provide the biggest return? And, how do you know if your Red Hat Linux servers are configured securely, or if your change management processes catch all of the changes to your servers? These are some of the issues that security professionals and IT organizations struggle with, and now, Nexpose's newest version can address these and more. In this webcast, Nate Crampton, Product Marketing Manager for Nexpose, presents a 30-minute interactive webinar session on how to take your vulnerability management program to the next level. This webcast addresses the common challenges security professionals face with remediation and provides a framework for confronting them, as well as demonstrates how Nexpose solves remediation issues.
In this webinar for IT administrators, web app developers and security professionals, Michael Belton will talk about the brand new OWASP Top 10 2013 and why it is an important guideline for securing web applications, focusing on the changes since the previous OWASP Top 10 version. At the end, Christian Kirsch and Joe Dubin will show how Metasploit Pro can be leveraged to test your web applications for OWASP Top 10 2013 vulnerabilities. The webinar will include a live demo.