5 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 8: Rapid7 Incident Response (Breach) Support
Having the best threat detection methodologies, a streamlined and efficient process for validating threats, and a rock-solid reporting standard may still leave you open to unexpected costs.
5 min
MDR Vendor Must-Haves, Part 7: Managed Response Actions
Security teams face unprecedented challenges as the threat landscape expands in scope and complexity. Protecting the organization in today’s environment has led to analyst fatigue, with many organizations struggling to respond to both user and host threats in a timely manner.
2 min
Managed Detection and Response (MDR)
MDR Must-Haves, Part 6: Threat Validation and Detailed Reporting
Engaging a managed security service provider—either a traditional MSSP or MDR provider—should never involve wasting your time.
4 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 5: Multiple Threat Detection Methodologies, Including Deep Attacker Behavior Analysis
The best Managed Detection and Response (MDR) providers use a combination of threat intelligence, User Behavior Analytics (UBA), Attacker Behavior Analytics (ABA), and human threat hunts to provide detection for threats and attackers.
2 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 4: Ingestion of Authentication Data Across Local, Domain, and Cloud Sources
There isn’t a single threat or breach that doesn’t involve attackers using legitimate credentials to cause harm.
2 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 3: Ingestion of Other Technology Investments
By the time you’re ready to invest in a Managed Detection and Response (MDR) service, you’ve likely already invested in a number of different security tools aimed at preventing threats and detecting breaches. MDR is a continued investment in this technology, not always a pure replacement.
3 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 2: Ingestion of Network Device Data
One area that can offer incredible benefits in a Managed Detection and Response provider is the ingestion of network device data.
4 min
Detection and Response
Attack vs. Data: What You Need to Know About Threat Hunting
While the definition of threat hunting may be straightforward—proactively hunting for threats—the reality of implementing a threat-hunting program is a bit more complicated, as there are different threat-hunting methodologies to choose from.
4 min
Managed Detection and Response (MDR)
Rapid7 Recognized as a Strong Performer in the Inaugural Forrester Wave™ for MDR, Q1 2021
Rapid7 has been included among the top vendors in the inaugural Forrester Wave™: Managed Detection and Response, Q1 2021 and recognized as a Strong Performer.
3 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 1: Deep Observation of Real-Time Endpoint Data
Assessing Managed Detection and Response (MDR) vendors is no easy task. However, evaluating each based on predetermined tactical prescriptions for what a provider can offer your business can help ensure you are hiring the right fit for you and your team.
18 min
Zero-Day
Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange
In recent weeks, there has been quite a lot of reporting on the exploitation of the latest disclosed vulnerabilities in Microsoft’s Exchange Server by an attacker referred to as HAFNIUM.
1 min
Detection and Response
InsightIDR’s NTA Capabilities Expanded to AWS
We’re excited to announce we have expanded the Network Traffic Analysis (NTA) capabilities in InsightIDR to support Amazon Web Services (AWS) environments.
11 min
Security Operations (SOC)
Talkin’ SMAC: Alert Labeling and Why It Matters
This blog post will demonstrate some common pitfalls of alert labeling, and offers a new framework for SOCs to use.
3 min
InsightIDR
Introducing Enhanced Endpoint Telemetry (EET) in InsightIDR
Rapid7 is excited to announce Enhanced Endpoint Telemetry (EET) in our SIEM, InsightIDR.
3 min
Research
PSA: Increase in RDP Attacks Means It's Time to Mind Your RDPs and Qs
Our research team looks into the increase in RDP attacks against RDP servers without multi-factor authentication enabled and helps organizations strengthen their infrastructure against these attacks.