54 matches found
Proactively Securing Cloud Workloads in the CI/CD Pipeline with Rapid7 and Azure DevOps
As organizations continue to embrace cloud-native development practices, the need for integrated security solutions that seamlessly fit into existing DevOps environments has become more pressing than ever. We recognize this critical need and have added new integration for InsightCloudSec ICS and...
Complete Guide to Protecting Seven Attack Vectors
The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews seven key initial attack vectors and provides proactive security tips to help you reduce cyber risk across the attack surface...
Enabling Proactive Security with Continuous Threat Exposure Management (CTEM) for Managed Service Providers
...
How to Prioritize Cybersecurity Spending: A Risk-Based Strategy for the Highest ROI
As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats coming from all around — and hackers dreaming up new exploits every day — how do you create proactive, agile cybersecurity strategies? And what cybersecurity...
Introducing Advanced Device Control: Shielding businesses from USB threats
With experts noting a troubling threefold surge in USB drive malware incidents in early 2023, Device Control has just leveled up with a key addition: the Advanced Auto Scanning & Block Until Scan feature. Heres the breakdown: When a USB device is connected, ThreatDown now doesnt just control...
Rapid7 Recognized as a Strong Performer in The Forrester Wave™ for MDR, Q2 2023
Rapid7 recognized amongst the top MDR providers in the industry. As security teams try to do more with less, addressing the sprawling attack surface and monitoring the escalating threat and risk landscape, it inherently leaves them at a disadvantage. Rapid7 Managed Threat Complete empowers...
How to Set Up a Threat Hunting and Threat Intelligence Program
Threat hunting is an essential component of your cybersecurity strategy. Whether you're getting started or in an advanced state, this article will help you ramp up your threat intelligence program. What is Threat Hunting? The cybersecurity industry is shifting from a reactive to a proactive...
How an incident response retainer can drive proactive security
Weve written before about the importance of taking a proactive approach to cybersecurity. Whether it be threat hunting, an active defense posture or just improving security instrumentation alerts and logs an organization keeps, its best for every user -- no matter the size -- to be prepared for...
Complete Guide to Protecting 7 Attack Vectors
The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews 7 key initial attack vendors and provides proactive security tips to help you reduce cyber risk across the attack surface...
US Websites Targeted by 40% of the Bad Bot Traffic Worldwide
Bad bot attacks are often the first indicator of fraudulent activity targeting your website. This activity may be over-the-top, like validating stolen user credentials and credit card information to later be sold on the dark web or scraping proprietary data to gain a competitive advantage. Bot...
Be Proactive! Shift Security Validation Left
"Shifting security" left approach in Software Development Life Cycle SDLC means starting security earlier in the process. As organizations realized that software never comes out perfectly and are riddled with many exploitable holes, bugs, and business logic vulnerabilities that require going back...
Microsoft security experts outline next steps after compromise recovery
Who is CRSP? The Microsoft Compromise Recovery Security Practice CRSP is a worldwide team of cybersecurity experts operating in most countries, across both public and private organizations, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the...
Five Eyes Alliance Advisory & Using Threat Intelligence
Trellix Global Defenders: Five Eyes Alliance Advisory and Using Threat Intelligence to Protect Against Future Attacks By Taylor Mullins · May 6, 2022 Evolving intelligence continues to indicate that the Russian government is exploring options to launch cyberattacks in retaliation against...
New Rapid7 MDR Essentials Capability Sees What Attackers See: “It’s Eye-Opening”
The pandemic and remote work shattered your perimeter. Your attack surface has changed — and will keep changing. It’s our mission to help customers strengthen security defenses and stay ahead of evil. As the modern perimeter expands, new and old vulnerabilities emerge as open doors for attackers;...
MITRE ATT&CK® mappings released for built-in Azure security controls
The Security Stack Mappings for Azure research project was published today, introducing a library of mappings that link built-in Azure security controls to the MITRE ATT&CK® techniques they mitigate against. Microsoft once again worked with the Center for Threat-Informed Defense and other Center...
CRSP: The emergency team fighting cyber attacks beside customers
What is CRSP? Microsoft Global Compromise Recovery Security Practice. Who is CRSP? We are a worldwide team of cybersecurity experts operating in most countries, across all organizations public and private, with deep expertise to secure an environment post-security breach and to help you prevent a...
Shifting the focus from reactive to proactive, with human-led secure coding
The same 10 software vulnerabilities have caused more security breaches in the last 20+ years than any others. And yet, many businesses still opt for post-breach, post-event remediation, muddling through the human and business ramifications of it all. But now, a new research study points to a new...
Microsoft Offers Up To $30K For Teams Bugs
Microsoft wants to send the message the company is serious about the security of its popular Teams desktop application and it’s willing to put some cash behind the talk. A new bug-bounty program offers up to $30,000 for security vulnerabilities, with top payouts going to those with the most...
Making Azure Sentinel work for you
Microsoft Azure Sentinel is the first Security Incident and Event Management SIEM solution built into a major public cloud platform that delivers intelligent security analytics across enterprise environments and offers automatic scalability to meet changing needs. This new white paper outlines be...
The European Cybersecurity Blogger Awards 2020 – Meet the Finalists
Qualys is sponsoring the EU Cybersecurity Blogger Awards for 2020, representing a ‘who’s who’ of people that write and share their opinions around the security sector. Ahead of the winners being announced on the 2nd of June, we thought we’d ask some questions around what is taking place in securi...