13 min
InsightIDR
Import External Threat Intelligence with the InsightIDR Threats API
In this blog, we explain how to automate updating threat feeds in InsightIDR using the REST API.
5 min
Incident Detection
How Attackers Can Harvest Users’ Microsoft 365 Credentials with New Phishing Campaign
In this blog post, Rapid7's MDR services team outlines a unique phishing campaign that utilizes a novel method of scraping organizations’ branded Microsoft 365 tenant login pages to produce highly convincing credential harvesting pages.
8 min
AWS
Automating the Cloud: AWS Security Done Efficiently
Today, we are going to be installing software on all your existing EC2 instances across several (or all!) accounts under an organization in AWS.
4 min
Cloud Infrastructure
Cloud Security Primer: The Basics You Need to Know
What do you need to do to secure your cloud-based systems while enjoying the competitive benefits of the cloud? Read this blog to find out.
4 min
InsightIDR
The Importance of Preventing and Detecting Malicious PowerShell Attacks
In this blog, we will discuss why organizations should care about malicious PowerShell activity, how attackers use PowerShell to steal credentials, and how to prevent and detect malicious PowerShell activity.
5 min
InsightIDR
How to Monitor Your AWS S3 Activity with InsightIDR
In this blog, we discuss AWS S3 buckets and how Rapid7's InsightIDR can help you monitor important activity.
3 min
Cloud Infrastructure
Why the Modern SIEM Is in the Cloud
Let’s talk about why modern SIEM is in the cloud, what core benefits you can expect, and how it is predicted to evolve as we soar toward 2020.
2 min
Research
[Research] Under the Hoodie, 2019 Edition: Lessons Learned from 180 Penetration Tests
Our 2019 Under the Hoodie report covers the measurable results of about 180 penetration tests conducted by Rapid7. Find out what we learned.
4 min
Cloud Infrastructure
Your Guide to Securing Multi-Cloud Environments in an IaaS World
In this post, we’ll cover the unique challenges with securing cloud environments, and some best practices specifically focused on securing multi-cloud infrastructure.
4 min
InsightIDR
Securing Your Cloud Environments with InsightIDR, Part 2: Amazon Web Services (AWS)
In this blog, we will talk about threat detection for the world’s most popular cloud host, Amazon Web Services (AWS).
3 min
InsightIDR
Announcing CyberArk and InsightIDR Integration: Connect CyberArk with InsightIDR to Visualize and Investigate Your Privileged Access
To help companies monitor user behavior, secure privileged access, and identify attacks on passwords, we are teaming up with CyberArk.
3 min
Threat Intel
Rapid7 Threat Report Meets MITRE ATT&CK: What We Saw in 2019 Q1
The Q1 edition of our Quarterly Threat Report is unique because all investigated incidents have been mapped to the MITRE ATT&CK framework.
4 min
InsightIDR
Why Deploying a SIEM Tool Doesn't Need to Be Complicated: A Pirate Story
Ahoy! In this Blackbeard-inspired blog, we will tell ye’ a tale of navigating your SS SIEM, InsightIDR, through the unpredictable waters of cybersecurity to reach Remediation Island.
2 min
Research
Rapid7 Quarterly Threat Report: 2019 Q1
In our recent Quarterly Threat Report, we look at commonly targeted industries, the use of remote entry, and the most common phishing sites by industry.
3 min
InsightIDR
Your Pocket Guide for Cloud SIEM Evaluation
In this post, we’ll quickly review five critical questions to help kick-start your cloud SIEM evaluation.