4 min
Automation and Orchestration
Building a Tech Stack to Enable Security Orchestration and Automation
In this blog post, we explore how to plan for security orchestration and automation while building out your technology stack. Learn more.
2 min
Automation and Orchestration
How Security Automation Helps You Work Smarter and Improve Accuracy
Many of us, across many different industries, have to make decisions amidst a
multitude of different input and alerts. Wherever possible, automating certain
responsibilities can aid tremendously in reducing the manual workload, helping
us cut down on human error and make better decisions.
Take the aviation industry, where autopilot technology helped alleviate some of
the elongated, mentally taxing tasks (such as fighting turbulence while flying
the plane by hand for hours on end). In this case,
3 min
Automation and Orchestration
Do You Need Coding Resources on Your Security Team?
Often when security teams think about security automation
[https://www.rapid7.com/fundamentals/security-automation/], they worry they
don’t have the coding capabilities needed to create, implement, and maintain it.
Pulling development resources from the IT team or engineering department can
take time; backlogs are long, and revenue-generating projects tend to take
priority. Another option is to hire an IT consultant, but this can be pricey and
may not be sustainable long-term.
Instead, some sec
3 min
Application Security
In Our Customers’ Words: Why Mastering Application Security Basics Matters
In a recent conversation with a Rapid7 application security customer, I was
reminded how much of a security practitioner’s day can be consumed by
troubleshooting buggy tools and manually executing the same tasks over and over
again (needlessly, may I add). As much as we’d like to think that security
professionals’ time is being efficiently utilized, oftentimes inadequate tools,
a lack of automation, and organizational silos impede SecOps-driven
[https://www.rapid7.com/solutions/secops/] progress
6 min
Automation and Orchestration
Top Three Questions to ask Security Orchestration and Automation Vendors
If you’ve been in cybersecurity for some time, you’ve likely heard about the
many benefits of security orchestration and automation
[https://www.rapid7.com/solutions/security-orchestration-and-automation/]: time
saved, costs reduced, risk exposure mitigated ... the list goes on. And as this
popular technology proliferates across our industry, you have more options than
ever before when it comes to choosing a security orchestration, automation, and
response (SOAR) solution.
It’s important to not
4 min
Automation and Orchestration
How Security Orchestration and Automation Will Unite Infosec
After working in the security industry for 15 years, one of the consistent
themes I’ve observed is how teams struggle with balancing the increasing amount
of work they have to do, without an increase in resources to accomplish their
goals. But there’s another, less obvious problem that I like to refer to as a
different kind of SaaS: “security as a silo.”
It should be no surprise that large organizations frequently struggle with silos
that create friction and miscommunication—barriers that get i
3 min
InsightVM
Incorporating Automated Actions Into Your Vulnerability Management Process
In today’s security climate, we all want to know that our data is as current as
possible. Often, customers will increase their vulnerability scanning
[https://www.rapid7.com/fundamentals/vulnerability-management-and-scanning/]
frequency to weekly or even daily to meet the needs of an ever-changing
environment. However, this requires a lot of resources and generates tons of
data while making it difficult to identify only what has changed.
This is exactly why we developed automated actions withi
6 min
Automation and Orchestration
How to Choose a Security Orchestration and Automation Platform
In the market for a security orchestration and automation platform
[https://www.rapid7.com/solutions/security-orchestration-and-automation/] but
don’t know what solution is right for you? Or perhaps you’ve made some rushed
decisions with past products and want to take a more careful approach this time
around? We get it — sifting through all different security orchestration
[https://www.rapid7.com/fundamentals/security-orchestration/] options on the
market today is no walk in the park. At the end
4 min
Automation and Orchestration
How to Securely Handle a Lost or Stolen Device: A Practical Workflow
It’s 10pm and you receive an email from a teammate that their laptop was stolen
at a local networking event. You learn that not only was their computer
unlocked, but they were logged into their company email and Salesforce accounts
at the time the device was stolen.
Devices like laptops and phones hold a lot more value than the technology
itself. Everything from customer data to company files and account logins are
stored and easily accessible on these devices, making them easy targets for data
4 min
Automation and Orchestration
Security Career Paths: Common and Unique Roles
Security is one of the most in-demand roles today. According to recent numbers
[https://www.csoonline.com/article/2953258/it-careers/cybersecurity-job-market-figures-2015-to-2019-indicate-severe-workforce-shortage.html]
, the demand for security workers is expected to grow to 6 million worldwide by
2019. So how do you get into or grow your career in security?
What makes security so interesting is the many directions you can take —
traditional or not. This post will walk you through how to build
2 min
Automation and Orchestration
Why Security Teams Should Embrace (Not Fear) Automation
It’s not the coming of the apocalypse. It’s not the end of the security
profession. And it’s certainly not a bad thing. We’re talking about the rise of
automation. As security threats become a bigger part of the day-to-day concerns
at all types of organizations, bringing in machines has become necessary to keep
up. In fact, security automation can help you become even more valuable as an
employee. Being at the heart of the security orchestration and automation
[https://www.rapid7.com/solutions/s
1 min
Komand
Everything You Need to Know About Building a Career in Security
Are you thinking about pursuing a career in security? Or have you already
started one, and you’re wondering what it will take to get to the next level?
Perhaps you have been in the security field for a long time, and it’s starting
to feel a little stale?
Regardless of where you are in your journey, we’ve put together a helpful guide
full of valuable information and real-world anecdotes about what it means to
pursue this dynamic and challenging vocation.
Free eBook: Defining Your Career Path as
3 min
Komand
SOC Series: How to Choose the Right Skills for Your SOC
Do you have the right mix of skills in your security operations center (SOC)
[https://www.rapid7.com/fundamentals/security-operations-center/]? Whether your
SOC is brand new or has been around for years, you need to be sure it’s built to
meet the demands of today’s complex security landscape.
In this post, we’ll define the most important skills any SOC should have today
so you can be sure to have the right mix of people to safeguard your business.
Effective Team and Communication Skills
Regard
3 min
Automation and Orchestration
How to Password Protect Apache Directories with mod_authn_dbd and MySQL on Ubuntu Linux
Synopsis
The mod_authn_dbd is an Apache module that provides the functionality for Apache
to authenticate users with MySQL database. This module provides authentication
front-ends such as mod_auth_digest and mod_auth_basic to authenticate users by
looking up users in MySQL tables. Apache’s mod_authn_dbd supports a wide range
of drivers such as, ODBC, MSSQL, SyBase, MySQL, Oracle, PostgreSQL and SQLite.
This module allows execution of arbitrary SQL for user / password matching and
also support al
3 min
Automation and Orchestration
How To Secure Apache with Let's Encrypt on Ubuntu Linux
Synopsis
Improving your website security has generally been most complicated and
expensive task for every Linux administrator. Let’s Encrypt is a free,
automated, and open certificate authority that provides free X.509 certificates
for Transport Layer Security encryption via an automated process. It is very
complex process to install and add an SSL certificate to a web server. You can
make it easier with the help of Let’s Encrypt. You can easily encrypt data of
your website free of charge using