November 30, 2023
It takes an average of 204 days for organizations to discover a breach, and from there an average of 73 days to contain it. With the average cost of a breach at an all-time high of $4.45 million (IBM’s Cost of a Data Breach Report 2023), there’s an undeniable need for teams to enlist the right experts to quickly eradicate threats... Read Rapid7's Blog Here.
November 29, 2023
Digital transformation has created immense opportunity to generate new revenue streams, better engage with customers and drive operational efficiency... Read Rapid7's Blog Here.
November 21, 2023
It’s no secret that security teams are feeling beleaguered as a result of the barrage of data, events, and alerts generated by their security tools, to say nothing of the increased budget scrutiny and constrained staff resources that continue to plague cybersecurity practitioners... Read Rapid7's Blog Here.
November 16, 2023
The rapid pace of technological change and the attendant rise of cyber threats in both speed and number leave most organizations at a disadvantage... Read Rapid7's Blog Here.
September 29, 2023
Nearly 70% of companies that are breached are likely to get breached again within twelve months (CPO). Effective remediation and addressing attacks at the root is key to staying ahead of threats and recurring breaches on the endpoint. Strong Digital Forensics and Incident Response (DFIR) ready to go when any incident occurs is a critical piece of a security team’s toolkit and drives successful response and remediation... Read Rapid7's Blog Here.
September 29, 2023
A lot of new and exciting product updates this quarter to help customers continue driving better security outcomes. We are thrilled to launch a new vulnerability risk scoring strategy this quarter along with upgrades like improved UI for the Engine Pool page, more policy coverage, and more. Let’s take a look at some of the key updates in InsightVM and Nexpose from Q3... Read Rapid7's Blog Here.
September 20, 2023
This week, Rapid7 was named a Strong Performer in The Forrester Wave™: Vulnerability Risk Management, Q3 2023. The report, which included 11 vulnerability risk management vendors, represented Rapid7's inclusion in the Wave report for vulnerability management. We are proud to be recognized for our consolidated platform approach, speedy response to actively exploited emergency vulnerabilities, and a deep commitment to the cybersecurity community through open-source tools and community research... Read Rapid7's Blog Here.
September 20, 2023
Over seven years ago, we set out to change the way that SOCs approach threat detection and response. With the introduction of InsightIDR, we wanted to address the false positives and snowballing complexity that were burning out analysts, deteriorating security posture, and inhibiting necessary scale. We wanted to deliver a more intuitive and pragmatic approach, providing the most comprehensive coverage, with the strongest signal-to-noise... Read Rapid7's Blog Here.
August 23, 2023
When it comes to security vendor consolidation, Gartner found that 57% of organizations are working with fewer than ten security vendors, utilizing consolidation to cut costs and improve their overall security posture... Read Rapid7's Blog Here.
August 22, 2023
Ransomware-as-a-Service, or RaaS, has taken the threat landscape by storm — so much so that in 2023, the White House re-classified ransomware as a national security threat. How has RaaS taken the impact of ransomware attacks to this next level of federal concern? By allowing potential cybercriminals to launch a ransomware attack regardless of their experience with programming or technical sophistication... Read Rapid7's Blog Here.
August 01, 2023
SecOps metrics can be a gold mine of potential for informing better business decisions, but 78% of CEOs say they don’t have adequate data on risk exposure to make good decisions. Even when they do see the right data, 82% are inclined to “trust their gut” anyway... Read Rapid7's Blog Here.
July 06, 2023
I've worked in cybersecurity for over two decades, so I've seen plenty of platforms come and go—some even crash and burn. But Rapid7, specifically InsightIDR, has consistently performed above expectations. In fact, InsightIDR has become an essential resource for maintaining my company’s cybersecurity posture... Read Rapid7's Blog Here.
June 28, 2023
Central to our mission at Rapid7 is building long-term relationships with partners who deliver valuable security solutions to customers. As customers increasingly seek managed services to meet their security needs, we've eagerly expanded our partner ecosystem to support a rapidly growing body of Managed Security Service Provider (MSSP) partners... Read Rapid7's Blog Here.
June 21, 2023
It's essential for security and IT teams to have a comprehensive view and control of their cyber assets. This is why Cyber Asset Attack Surface Management (CAASM) has received so much attention from security practitioners and leaders... Read Rapid7's Blog Here.
May 18, 2023
Rapid7 recognized as one of the top 13 vendors as a strong performer by the Forrester Wave™ for MDR, in Q2 2023... Read Rapid7's Blog Here.
March 29, 2023
Part 3: Confronting Security Fears to Control Cyber Risk Webinar... Read Rapid7's Blog Here.
March 15, 2023
The number one threat to cloud security is misconfiguration of resources, and frankly, it's not hard to understand why. The cloud is getting bigger, more tangled, and flat-out more unmanageable by the day... Read Rapid7's Blog Here.
March 15, 2023
Security teams must continuously contort their efforts to effectively respond to the growing volume of cyberthreats. These constantly shifting methods in the security operations center (SOC) can be difficult to manage in the face of emerging external threats—it can be like keeping multiple spinning plates in the air at once... Read Rapid7's Blog Here.
March 14, 2023
The healthcare industry is undergoing a transformational shift. Health organizations are traditionally entrenched in an on-prem way of life, but the past three years have plunged them into a digital revolution. A heightened demand for improved healthcare services—like distributed care and telehealth—ignited a major push for health orgs to move to the cloud, and as a result, implement new cloud security strategies... Read Rapid7's Blog Here.
March 14, 2023
In the session, Jason Hart, Rapid7’s Chief Technology Officer, EMEA, will discuss how organisations can develop the ability to adapt while being able to quickly revert to their original structure after times of great stress and impact... Read Rapid7's Blog Here.
March 08, 2023
The cloud's computing power and flexibility unlock unprecedented speed and efficiency—a tech company's two best friends. But with that speed and efficiency come new environments and touchpoints in an organization's footprint. That expanding attack surface brings along with it an expanding range of security concerns... Read Rapid7's Blog Here.
February 28, 2023
In the session, Jason Hart, Rapid7’s Chief Technology Officer, EMEA, shared his experiences to help executives enhance their cyber mission and vision statements to create a positive cybersecurity culture that permeates the business... Read Rapid7's Blog Here.
February 22, 2023
Security teams manage an average of 76 different tools. Breaches have gone from “s#&@!” to “inevitable.” That’s why we built Managed Threat Complete to address the reality of today’s threat environment. By 2025, Gartner says 50% of organizations will decide to partner with an MDR (Managed Detection and Response) service for 24x7 monitoring... Read Rapid7's Blog Here.
February 16, 2023
President Biden has announced his intent to appoint a group of highly qualified and diverse industry leaders, including Rapid7 chairman & CEO Corey E. Thomas, to the President’s National Security Telecommunications Advisory Committee (NSTAC)... Read Rapid7's Blog Here.
January 26, 2023
Rapid7’s partner SCADAfence recently commissioned a survey of 3500 OT professionals. Among the findings, nearly 80% of respondents believe that human error presents the greatest risk for compromise to operational technology (OT) control systems... Read Rapid7's Blog Here.
January 24, 2023
We are happy to announce that Rapid7 has been added to Carahsoft’s GSA Schedule contract, making our suite of comprehensive security solutions widely available to Federal, State, and Local agencies through Carahsoft and its reseller partners. "With the ever-evolving threat landscape, it is important that the public sector has the resources to defend against sophisticated cyber attacks and vulnerabilities," said Alex Whitworth, Sales Director who leads the Rapid7 Team at Carahsoft... Read Rapid7's Blog Here.
January 24, 2023
We are happy to announce that Rapid7’s solutions have been added to the NASPO ValuePoint Cloud Solutions contract held by Carahsoft Technology Corp. The addition of this contract enables Carahsoft and its reseller partners to provide Rapid7’s Insight platform to participating States, Local Governments, and Educational (SLED) institutions... Read Rapid7's Blog Here.
November 22, 2022
When an organization is moving their IT infrastructure to the cloud or expanding with net-new investment, one of the hardest tasks for the security team is to identify and establish the proper security policies and controls to keep their cloud environments secure and the applications and sensitive data they host safe... Read Rapid7's Blog Here.
October 18, 2022
Globally, IT experts recognise security as the most significant barrier to cloud adoption, in part because many of the ways of securing traditional IT environments are not always applicable to cloud-native infrastructure. As a result, security teams may find themselves behind the curve and struggling to keep up with the ambitious digital transformation programs set by their senior leadership teams... Read Rapid7's Blog Here.
October 12, 2022
With Google Cloud Next happening this week, there’s been some recent water cooler talk - okay, informal, ad hoc Zoom calls - with discussions about what makes Google Cloud Platform (GCP) unique when it comes to security. A few specific differences have popped up here and there (default data encryption, the way IAM is handled, etc.), but, generally speaking, many of the principles that apply to all other cloud providers apply to GCP environments... Read Rapid7's Blog Here.
September 21, 2022
Talk in the market continues to swirl around extended detection and response (XDR) solutions. What are they? What are the benefits? Should my team adopt XDR, and if yes, how do we evaluate vendors to determine the best approach?... Read Rapid7's Blog Here.
April 21, 2022
For the second year in a row, Rapid7 has been named a Visionary in the Gartner® 2022 Magic Quadrant for Application Security Testing. We believe we accomplished this by combining an industry-leading dynamic application security testing (DAST) solution with container and cloud security, security across the software development life cycle (SDLC), strategic partnerships, and a customer-centric approach that anticipates the needs of not just security teams but DevOps teams as well. All in a package that is easy to utilize and highly accurate... Read Rapid7's Blog Here.
March 30, 2022
Rapid7 has completed remediating the instances of Spring4Shell (CVE-2022-22965) and Spring Cloud (CVE-2022-22963) vulnerabilities that we found on our internet-facing services and systems. For further information and updates about our internal response to Spring4Shell, please see our post here... Read Rapid7's Blog Here.
March 25, 2022
As security professionals, we are currently being bombarded with warnings and alerts of a heightened threat level due to the possibility that Russia will start to more aggressively leverage cyberattacks as part of their offensive. If you are feeling the pressure of getting everything done, check out this post that identifies the 8 most important emergency conflict actions for your security program... Read Rapid7's Blog Here.
March 23, 2022
The widespread growth in cloud adoption in recent years has given businesses across all industries the ability to transform and scale in ways never before possible. But the speed of those changes, combined with the increased volume and complexity of resources in cloud environments, often forces organizations to choose between slowing the pace of innovation or taking on massive amounts of unmanaged risk... Read Rapid7's Blog Here.
March 22, 2022
Recently, CISA released their Shields Up guidance around reducing the likelihood and impact of a cyber intrusion in response to increased risk around the Russia-Ukraine conflict. This week, the White House echoed those sentiments and released a statement about potential impact to Western companies from Russian threat actors. The White House guidance also included a fact sheet identifying urgent steps to take. Given the urgency of these warnings, many information security teams find themselves scrambling to prioritize mitigation actions and protect their networks... Read Rapid7's Blog Here.
March 16, 2022
The immutable truth that vulnerability management (VM) programs have long adhered to is that successful programs should follow a consistent lifecycle. This concept is simply a series of phases or steps that have a logical sequence and are repeated according to an organization’s VM program cadence... Read Rapid7's Blog Here.
March 15, 2022
The Lapsus$ ransomware gang’s modus operandi seems to be evolving. Following the recent data breaches of Nvidia and Samsung, on March 10, 2022, the Lapsus$ ransomware gang posted a message on their Telegram channel claiming that they were looking to recruit employees/insiders of companies in the telecommunications, software/gaming, call center/BPM, and server hosting industries... Read Rapid7's Blog Here.
March 10, 2022
The US Congress is poised to pass the Cyber Incident Reporting for Critical Infrastructure Act of 2022. Once signed by the President, it will become law. The law will require critical infrastructure owners and operators to report cyber incidents and ransomware payments. The legislation was developed in the wake of the SolarWinds supply chain attack and recently gained additional momentum from the Russia-Ukraine conflict. This post will walk through highlights from the law. Rapid7 supports efforts to increase transparency and information sharing in order to strengthen awareness of the cybersecurity threat landscape and prepare for cyberattacks. We applaud passage of the Cyber Incident Reporting for Critical Infrastructure Act... Read Rapid7's Blog Here.
February 23, 2022
At IntSights, a Rapid7 company, our goal is to ensure organizations everywhere understand the threats facing them in today's cyber landscape. With this in mind, we took a focused look at the insurance industry — a highly targeted vertical due to the amount of valuable data these organizations hold. We've collected our findings in the “2022 Insurance Industry Cyber Threat Landscape Report," which you can read in full right now... Read Rapid7's Blog Here.
December 14, 2021
Like the rest of the security community, we have been internally responding to the critical remote code execution vulnerability in Apache’s Log4j Java... Read Rapid7's Blog Here.
December 06, 2021
Cloud and container technologies are being increasingly embraced by organizations around the globe because of the efficiency, superior visibility, and control... Read Rapid7's Blog Here.
November 10, 2021
Since the founding of tCell by Rapid7, our web application and API protection solution, we’ve prided ourselves on providing both breadth and depth of... Read Rapid7's Blog Here.
October 15, 2021
Threat intelligence is a critical part of an organization's cybersecurity strategy, but given how quickly the state of cybersecurity evolves, is the traditional mode... Read Rapid7's Blog Here.
July 06, 2021
This is the second consecutive time our SaaS SIEM—InsightIDR—has been named a Leader in this report... Read Rapid7's Blog Here.
March 25, 2021
While the definition of threat hunting may be straightforward—proactively hunting for threats—the reality of implementing a threat-hunting program is a bit more complicated, as there are different threat-hunting methodologies to choose from... Read Rapid7's Blog Here.
March 10, 2021
We’re excited to announce we have expanded the Network Traffic Analysis (NTA) capabilities in InsightIDR to support Amazon Web Services (AWS) environments. This means InsightIDR and MDR customers can now ingest detailed network data from AWS, including north/south and east/west traffic across a customer’s Virtual Private Clouds (VPCs). This highly detailed traffic data allows a customer to understand user and application activity throughout an AWS environment... Read Rapid7's Blog Here.
February 22, 2021
Today’s security teams are facing more complexity than ever before. IT environments are changing and expanding rapidly, resulting in proliferating data as organizations adopt more tools to stay on top of their sprawling environments. And with an abundance of tools comes an abundance of alerts, leading to the inevitable alert fatigue for security operations teams... Read Rapid7's Blog Here.
February 19, 2021
A modern methodology for vulnerability management (VM) is vital for organizations looking to minimize attack surfaces by prioritizing potential threats. This includes identifying, evaluating, treating, and reporting on security risks across key systems and the software that runs on them... Read Rapid7's Blog Here.
December 22, 2020
Since 2018, thousands of enterprises have utilized InsightVM’s Goals and SLAs feature to build their organization-specific security goals... Read Rapid7's Blog Here.
November 23, 2020
In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of the Microsoft SQL Server... Read Rapid7's Blog Here.
November 10, 2020
In this blog, we cover the top five multi-groupby queries that can be used to visualize network sensor data with the Insight Network Sensor... Read More.
November 03, 2020
There are many potential causes of security breaches, but what is a common root cause? Human error... Read Rapid7's Blog Here.
November 02, 2020
A Content Security Policy is a protocol that allows a site owner to control what resources are loaded on a web page by the browser, and how those resources may be loaded... Read Rapid7's Blog Here.
October 30, 2020
For National Cybersecurity Awareness Month, we rounded up tips from our network of experts to help you easily shore up your approach to cybersecurity... Read Rapid7's Blog Here.
October 26, 2020
This blog post will give you a ballpark best practice that applies to the majority of environments, as well as some descriptions that outline the thought process, math, and reasoning... Read Rapid7's Blog Here.
October 19, 2020
In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of IMAP and POP... Read Rapid7's Blog Here.
October 15, 2020
Rapid7 is excited to announce Enhanced Endpoint Telemetry (EET) in our SIEM, InsightIDR... Read Rapid7's Blog Here.
October 13, 2020
In this installment of our security planning series, we’ll explore the importance of reliable detections to drive an efficient security program forward... Read Rapid7's Blog Here.
October 09, 2020
Our research team looks into the increase in RDP attacks against RDP servers without multi-factor authentication enabled and helps organizations strengthen their infrastructure against these attacks... Read Rapid7's Blog Here.
October 08, 2020
In this post, we’ll cover how InsightVM helps teams tackle operational challenges, maximize resources, and prove the value and ROI of their efforts... Read Rapid7's Blog Here.
October 06, 2020
The U.S. Department of Treasury issued an advisory warning that paying ransoms to cybercriminal groups risks violating sanctions. Rapid7 has previously recommended that victims not pay ransom, and urges organizations to focus on ransomware prevention and recovery... Read Rapid7's Blog Here.
October 05, 2020
In this blog post, we will discuss why vulnerability management is critical for any organization looking to reduce risk... Read Rapid7's Blog Here.
October 01, 2020
We are excited to announce the launch of our new Active Response capability as a part of our MDR Elite service... Read Rapid7's Blog Here.
September 17, 2020
Let’s talk about the reality of the remediation process today. We know it is often a cumbersome and time-consuming process, and it can be challenging for a Security team to work with IT Operations and Development teams, servicing many assets and owners. There isn’t a vulnerability management team on the planet that hasn’t been affected by productivity-draining reporting, emails, ticketing, and one-off vulnerability verification requests... Read Rapid7's Blog Here.
September 14, 2020
Vulnerability management programs look different depending on the available resources and specific risks your organization faces. While both identifying and evaluating possible threats are important steps, the most time-consuming step is actually treating the vulnerability. Read Rapid7's Blog Here.
August 28, 2020
Managing the totality of vulnerabilities in your IT environment is a tall order. To run your vulnerability management program as a well-oiled machine, you need all the pieces in place, from visibility of all of your assets to effective reporting mechanisms that demonstrate value. But even with the best laid plans, taking full control of the wheel requires technology that supports the goals of your program... Read Rapid7's Blog Here.
June 18, 2020
Network Traffic Analysis is available within InsightIDR and MDR via the Insight Network Sensor. This is an installable package for Linux systems. We have more information about the install process on our sensor help site. The Insight Network Sensor is available to all customers, and we also have an add-on available for customers who want access to network flow type data... Read Rapid7's Blog Here.
March 19, 2020
We are now living in challenging times due to the COVID-19 outbreak as we work from home, self-isolate, and protect the vulnerable. I must say a big thanks to my employer, Rapid7, for having a robust system that enables working from home. Our IT teams have worked around the clock to expand services for remote workers so that we can continue to deliver value for our customers. Well done, all!... Read Rapid7's Blog Here.
March 16, 2020
We have rapidly entered a new era of living with a global pandemic. As a result, many are working from home - at kitchen tables, sitting on the sofa, or typing at a desk next to the bed. With very little notice, our work and personal lives have changed, and we don’t know how long this will last. Without any talk of FUD (fear, uncertainty, doubt), it got me thinking about how we can stay safe online in this new world. Read Rapid7's Blog Here.
March 12, 2020
Continuously monitoring your network activity for signs of attack is a great way to catch hackers and breaches before they become problems. However, network traffic data can be overwhelming based on the sheer amount generated, not to mention its confusing complexity. Wading through the noise is a top priority for security professionals so they can detect threats early and react swiftly... Read Rapid7's Blog Here.
March 03, 2020
Organizations continue to host vulnerable, internet-exposed systems that are being targeted by attackers. Simultaneously, attackers are targeting valid user accounts as their preferred method for breaching an environment... Read Rapid7's Blog Here.
March 02, 2020
There’s nothing quite like attending the annual RSA security conference in San Francisco, but amid the noise of more than 40,000 attendees, hundreds of vendors, and a whirlwind of information, it can be tough to pull out key messages to take back to our desks... Read Rapid7's Blog Here.
February 28, 2020
The 2019 Forrester Total Economic Impact™ of Rapid7 InsightVM found that our customers saw a 60% reduction in effort for patching, thanks to automation and improved workflows, especially through integrations with popular patching software. But just how can automation improve your security team’s patching efficiency?... Read Rapid7's Blog Here.
February 21, 2020
Global IT staffing shortages are on the rise, and the number of security threats continues to grow, along with the number of tools security professionals use to address these threats. Because of this, security teams oftentimes feel overwhelmed by the sheer amount of alerts they receive on a daily basis... Read Rapid7's Blog Here.
February 20, 2020
Gartner’s Magic Quadrant reports offer a framework for evaluating technology vendors in a given space. In the case of the Magic Quadrant for SIEM, technology providers were measured on two axes: completeness of vision and ability to execute... Read Rapid7's Blog Here.
February 05, 2020
If you use a cloud provider like AWS, you know there are some security features you can access for free, such as AWS Security Hub, AWS Identity & Access Management, and AWS Firewall Manager. Unfortunately, as we covered in part one of this series, that’s not enough coverage for what many organizations need in today’s cloud environments, especially considering the fact that cloud providers can only protect the core infrastructure... Read Rapid7's Blog Here.