Hi [[ session.user.profile.firstName ]]


  • Date
  • Rating
  • Views
  • Cloud Security Isn’t Just Security on Someone Else’s Computer
    Cloud Security Isn’t Just Security on Someone Else’s Computer
    Wade Woolwine, Director of Technology for Rapid7’s Managed Services Recorded: Jun 11 2019 56 mins
    How many times have you heard the phrase “the cloud is just someone else’s computer”? While this is mostly true, this kind of thinking sets a dangerous mindset when it comes to securing your assets in cloud-based services.

    Join Wade Woolwine, Director of Technology for Rapid7’s Managed Services as he discusses various threat prevention, detection, and response strategies for Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). At the conclusion of this webinar, you’ll be equipped with use cases including:

    1. Monitoring strategies for Microsoft O365
    2. Secure SDLC strategies for web applications and APIs in AWS
    3. Defense in depth and least privilege strategies for hosted infrastructure
  • Groundhog Day - Waking Up from the Security Nightmare
    Groundhog Day - Waking Up from the Security Nightmare
    Brian Carey, Manager of Advisory Services, Rapid7 Recorded: Jun 11 2019 46 mins
    Do you feel sometimes that you are living the movie Groundhog Day? That each day, week, month or quarter you are waking up to the same cybersecurity problems and challenges? Are you struggling to make progress on key projects or initiatives?

    If this sounds familiar, join Rapid7’s Brian Carey as he discusses leveraging the CIS Top 20 Controls for success. Some of the topics Brian will cover include:

    1. Strategies for understanding your environment
    2. Protecting your environment
    3. Preparing your organization for the challenges that lay ahead
  • Building a Security Strategy to Encompass the Internet of Vulnerable Things
    Building a Security Strategy to Encompass the Internet of Vulnerable Things
    Deral Heiland, IoT Research Lead, Rapid7 Recorded: Jun 10 2019 24 mins
    With IoT expanding into every corner of our world it becomes critical to create a strategy to successfully secure your organization. But, where should you start when creating an IoT strategy for your organization?

    Join Rapid7’s IoT research lead, Deral Heiland, to learn how to protect your organization in today’s IoT-centric world. Some of the topics Deral will discuss include:

    1. IoT guidelines that have been created or are currently under construction by civilian and government standards organizations
    2. What these guidelines mean for citizens and organizations
    3. How these various recommendation can be effectively used to build a robust IoT security strategy for your organization
  • [PANEL] IoT Security Strategy Best Practices
    [PANEL] IoT Security Strategy Best Practices
    Deral Heiland, Rapid7 | Sandy Carielli, Entrust Datacard Recorded: Jun 10 2019 42 mins
    As the world becomes increasingly connected, we have become more vulnerable to IoT threats and attacks. Having a comprehensive and strong security strategy in place is vital to organisational success.

    Join this exclusive panel of industry experts as they discuss:
    - IoT Security Maturity Model
    - Trends in cyber-attacks and breaches affecting the IoT
    - How to proactively prevent breaches and attacks
    - New in IoT Security
    - Security Strategy recommendations for CISOs

    Panelist confirmed:
    - Deral Heiland, IoT Research Lead, Rapid7
    - Sandy Carielli, Director of Security Technologies, Entrust Datacard
  • Live Dragons and Incident Response Plans
    Live Dragons and Incident Response Plans
    Jeremiah Dewey, Senior Director, Global Consulting, Rapid7 Recorded: Jun 6 2019 54 mins
    J. R. R. Tolkien may not be the obvious starting point for incident response planning, but he definitely had a good deal to say about the perils of dragons. As his character, Gandalf correctly states in the story of the Hobbit “It does not do to leave a live dragon out of your calculations, if you live near him.” – very wise words indeed. Unless you’re reading this from Middle Earth, we’re pretty sure there aren’t any actual dragons living in your neighborhood, so during this webcast we’ll be focussing on how you can be well prepared in case of analogous ones by having a solid and relevant incident response plan. Join Jeremiah Dewey, seasoned incident response wizard (not his actual job title, although it probably should be), to ensure your organization’s IR plans are analogous-dragon-ready.

    In this session, you’ll hear about:

    1. What your incident response plans should cover (and what they should not)
    2. Who you should involve in the IR planning process
    3. How you can use threat modeling and business impact as your guide
    4. When you should review and update your IR plans
    5. Why you should put your IR plans through their paces outside of a real incident
  • Java Serialization: A Practical Exploitation Guide
    Java Serialization: A Practical Exploitation Guide
    Tod Beardsley, Research Director at Rapid7 and Jon Hart, Principal Security Researcher at Rapid7 Recorded: May 28 2019 48 mins
    Java Serialized Objects (JSOs) are a mechanism to allow for data exchange between Java services. Because they also give attackers a stable and reliable vector for gaining remote control of systems running Java applications, they are increasingly responsible for vulnerabilities and public exploits against internet-accessible services. Join Tod and Jon as they discuss the exposure of Java Serialized Objects and the recent uptick in vulnerability research around JSO exploitation, culminating in Rapid7’s most recent research report, Java Serialization: A Practical Exploitation Guide.
  • The CISO's Role in Technology Decisions
    The CISO's Role in Technology Decisions
    Scott King, Senior Director of Advisory Services at Rapid7 Recorded: May 23 2019 60 mins
    Every security leader runs into this challenge at multiple points in their career. How can you support your team and their technology needs, while ensuring alignment with the business and not overreaching to make vendor selections? This issue can easily put security leaders at odds with their teams charged with engineering and operating the technology that manages risk and enables the protection of company data and systems.

    Join Rapid7’s Scott King for an interactive webcast where he will share his personal experiences as the security leader for one of America’s largest energy companies and how he navigated these potentially treacherous waters.
  • Have no Fear, Security Automation is Here
    Have no Fear, Security Automation is Here
    Sydney Coffaro, InsightConnect Product Specialist Recorded: May 16 2019 25 mins
    Security automation is a hot topic today, as security teams are looking to effectively leverage technology to make their security operations run more smoothly. With automation all the rage, comments like “we should be automating more” are becoming an ongoing theme. Dedicating time and resources to implement automation is often viewed as a huge level of effort, but adding automation to your most time-intensive security processes doesn’t have to be an intimidating undertaking. Did you know that with a small investment, you can realize tremendous ROI and value from automation, faster than ever before?

    In this demo of InsightConnect, you will learn about:
    1. Overview of automation workflow building blocks
    2. Real use cases teams struggle with today, including phishing, SIEM investigation and response, patching, and more
    3. How you can integrate security automation and orchestration into your existing SecOps programs
    4. How automation will improve efficiency across the processes and tools you’re executing manually today
  • Shoot for the...Cloud? Getting started with security in AWS
    Shoot for the...Cloud? Getting started with security in AWS
    Josh Frantz, Senior Security Consultant Recorded: May 2 2019 52 mins
    Is your organization moving to Amazon Web Services? Or are you a seasoned AWS pro, but need to know where to start to secure it?

    It’s a fact—Cloud environments aren’t going away anytime soon. Cloud adoption is expected to grow at 12.4% annually until 2025. When you need to get started in a new cloud environment, or secure an existing one, vulnerability management is the place to start.

    Join Josh Frantz to learn the fundamentals of setting up vulnerability management in your cloud environment and common pitfalls to watch out for. You may even pick up a few good wise cracks along the way.

    In this webinar we will cover:

    1. The future of the cloud infrastructure landscape
    2. Some common misconceptions. Did you know AWS doesn’t secure your environment for you?
    3. Vulnerability Management best practices
    4. How Rapid7 and InsightVM can help
  • Slaying the Beast! Getting your arms around your vuln management program.
    Slaying the Beast! Getting your arms around your vuln management program.
    Caspian Kilkelly, Senior Advisory Services Consultant Recorded: Apr 16 2019 48 mins
    Security isn't just about boundaries and defenses. Maintenance, especially in the form of patching, mitigation and threat reduction, are often just as important as a solid set of firewall rules for reducing an attacker's ability to compromise your systems or networks.

    For most security departments, this maintenance comes in the form of a vulnerability management program. Typically, these include patching, scanning, testing, mitigation- when they're done properly, they can prevent incidents before they happen. Vulnerability management is the key to a strong security program in any enterprise, but it's also a lot of work.

    In this webcast, we'll talk about why most security teams need vulnerability management, who to work with to get it done, and strategies to reduce the workload.

Embed in website or blog