7 matches found
Cyber Threat Exposure Management: A 5-Step Guide
Attackers don’t care about your long list of CVEs. They look for the path of least resistance to your most valuable assets. So, why are we still managing security from a defender’s checklist instead of an attacker’s playbook? A modern security program needs to see the entire attack surface throug...
A Guide to Exposure Management Cybersecurity Best Practices
Attackers don't think in terms of CVE scores. They look for the path of least resistance, whether it's a forgotten server, a misconfigured cloud bucket, or an exposed API. While your team is busy prioritizing a long list of software flaws, a real threat could be exploiting a simple oversight that...
5 Exposure Management Best Practices for Your Team
Let's be honest: the traditional approach to vulnerability management is broken. Your team is likely drowning in a sea of alerts, staring at scan reports thousands of lines long, and struggling to figure out what to fix first. This constant state of reactive fire-fighting is exhausting and, worse...
Beyond CVSS: Critical CVE Vulnerabilities Analysis
Attackers don't care about your CVSS scores. They care about finding a path into your network. That path might not be a single, glaring "critical" vulnerability. Often, it’s a chain of lower-severity weaknesses on overlooked assets that, when combined, give them the keys to the kingdom. This is w...
CISA and UK NCSC Release Joint Guidance for Securing OT Systems
CISA, in collaboration with the Federal Bureau of Investigation, the United Kingdom’s National Cyber Security Centre, and other international partners has released new joint cybersecurity guidance: Creating and Maintaining a Definitive View of Your Operational Technology OT Architecture. Building...
Rapid7 Podcast Explores Hybrid-First Workplace Learnings
As the world continues to navigate the post-pandemic shift in work environments, Rapid7 is operating on a hybrid-first approach that balances flexibility and productivity with collaboration and optimizing for customer success. In the spirit of cross-collaboration, the People Development and...
Threat Source newsletter (Jan. 19, 2023): Talent retention and institutional knowledge
Welcome to this weeks edition of the Threat Source newsletter. Talent retention and institutional knowledge go hand in hand. Both are critical to ensuring the security of your network environment. To that end, I want to talk briefly about why talent retention isnt just about money. So I am going ...