Hi [[ session.user.profile.firstName ]]

IT Security by Rapid7

  • Date
  • Rating
  • Views
  • Rapid7 InsightVM: Vulnerability Management Announcement
    Rapid7 InsightVM: Vulnerability Management Announcement Ken Mizota and Nathan Palanov Recorded: Apr 19 2017 44 mins
    Developed on the power of the cloud, InsightVM is designed to provide live answers to your most critical security questions. The live monitoring gathers data, whether via agents or agentless, so you can see the risk posed by your entire network, including cloud, virtual and endpoints. Join Ken Mizota and Nathan Palanov from Rapid7 to learn more and to see InsightVM in action.
  • Detect Attacks by Combining UBA, Deception, and EDR
    Detect Attacks by Combining UBA, Deception, and EDR Eric Sun Recorded: Mar 30 2017 50 mins
    It’s challenging to build out your Incident Detection & Response program when you’re wading in alerts and expected to cover cloud services, contractors, and remote workers. In this session, Eric Sun will cover best practices from Rapid7’s Incident Response and Penetration Test teams and share how orgs are combining detection technologies to find intruders earlier in the attack chain.
    This webcast will cover:
    - Review the top attack vectors behind breaches
    - How security teams are using user behavior analytics today
    - The role of deception technology in a complete detection strategy
    - Why the endpoint matters, and not just for detection
    - Rapid7's approach and vision for Incident Detection and Response
  • Embracing The Attacker Mindset
    Embracing The Attacker Mindset Wade Woolwine and Jason Beatty Recorded: Mar 21 2017 61 mins
    Defense-in-depth is a topic that has been discussed in the infosec world for the better part of the last 15 years. The reality is that very few organizations have successfully implemented these principles. When we speak to customers, we often find that the reason usually relates back to being so familiar with your intended architecture or business model that it’s difficult to switch perspectives and build with an outsider’s view as well.

    Join Jason Beatty and Wade Woolwine for a lively conversations on:

    The prerequisite steps you need to collect important information
    Embracing the attacker mindset to design your strategy
    Building your defense in depth strategy on paper
    Applying a real use case to solidify the topics
    Participants will better understand defense-in-depth principles, the information needed to start building your strategy and how to understand the attacker mindset that will shape this strategy.
  • Responding to Advanced Threats & Malware the MDR Way
    Responding to Advanced Threats & Malware the MDR Way Tim Stiller Recorded: Mar 14 2017 25 mins
    Continuous threat detection means being able to identify threats – both known and unknown – and intruder movement from the endpoint to the cloud.
    Over the course of his career, Tim Stiller has responded to a variety of malware-based threats and developed an arsenal of automated tools to aid in hunting efforts. In this webcast he’ll talk through several real-world threat scenarios, outline common trends and “gotchas,” and provide best practices on how to triage malware.
  • How to Secure Dynamic Cloud Environments
    How to Secure Dynamic Cloud Environments Jane Man and Justin Prince Recorded: Mar 7 2017 51 mins
    Cloud infrastructure services is a fast-growing market; in 2016, led by Amazon Web Services and Microsoft Azure, the market grew by over 50%. Clearly, more and more enterprises are realizing the benefits of being able to operate at scale without the need to invest in and maintain their own hardware. While the dynamic nature of cloud computing comes with great benefits, it also presents new security challenges for enterprises. Security programs need to be able to automatically scale and adapt as the cloud environment changes.
    Join Jane Man, Product Manager and Justin Prince, Security Engineer from Rapid7 to learn:
    - Why you should secure your cloud assets and infrastructure
    - Best practices and security policies for dynamic environments
    - How to automate security assessment in the cloud using Nexpose
  • Under The Hoodie: Actionable Research from Penetration Testing Engagements
    Under The Hoodie: Actionable Research from Penetration Testing Engagements Tod Beardsley and Andrew Whitaker Recorded: Feb 23 2017 43 mins
    Join Andrew Whitaker and Tod Beardsley in a webcast overview of Rapid7's recently published paper, "Under the Hoodie: Actionable Research from Penetration Testing Engagements." In this webcast, Andrew and Tod will cover the major findings from our latest research, including the vulnerabilities and misconfigurations most often found on our engagements, the effects of account lockouts and two-factor authentication on pen testers, and the most effective countermeasures you can take to detect and prevent criminal hackers from breaking into your network.
  • Exiting the Matrix: Metasploit's Hardware Bridge
    Exiting the Matrix: Metasploit's Hardware Bridge Craig Smith Recorded: Feb 21 2017 41 mins
    Join Craig Smith, Research Director of Transportation Security at Rapid7, as he discusses the new Metasploit Hardware Bridge and how to use this new capability for pen testing hardware and IoT devices.

    We'll discuss:
    - The importance of developing and testing hardware exploits, and why the hardware bridge in Metasploit is a game changer
    - A walk through on using Metasploit to test hardware devices, with a focus on automotive research
    - Overview of additional uses of the hardware bridge for security researchers and hardware manufacturers
  • Ransomware: Don't Believe The Hype of Vendors
    Ransomware: Don't Believe The Hype of Vendors Matthew Hathaway Recorded: Feb 14 2017 56 mins
    A number of Rapid7's customers have been evaluating the risks posed by the swift rise of ransomware as an attack vector. As of today, there is no known method for recovering lost data without cooperating with the criminals responsible for the ransomware. Of course, backing up valuable data before an attack is critical in order to recover from this kind of attack.

    Join Matthew Hathaway, Senior Managers of Solution Marketing to cover:

    - Snake oil sales techniques around ransomware
    - Best ways to protect your organization from this threat
    - Disaster recovery processes to have in place
    - And more!
  • The Countries Most Vulnerable to Cyber Attacks
    The Countries Most Vulnerable to Cyber Attacks Bob Rudis and Tod Beardsley Recorded: Feb 7 2017 58 mins
    Rapid7's research team has identified and ranked the 50 countries most exposed to hacking, based on the prevalence of insecure networks and internet channels around the world.

    This webcast will discuss insights into global exposure to common vulnerabilities through internet-wide surveys across different services and protocols. Join us to learn what these most vulnerable countries are.
  • Endpoint Visibility: SIEM's Gaping Blind Spot
    Endpoint Visibility: SIEM's Gaping Blind Spot Matthew Hathaway Recorded: Feb 2 2017 52 mins
    Why has SIEM become a four-letter word for so many organizations? A major reason: despite its obvious exclusion from the term Security Information and Event Management, marketers and sales teams have promised the "detection" panacea for nearly two decades.

    But while there are certainly IOCs and rules providing detection in SIEMs, most malicious activity is seen on endpoints, triaged using vague alerts, and painfully investigated in the SIEM's centralized logs.

    In this webcast you'll learn:
    - What makes endpoint visibility mandatory for your SIEM strategy
    - The kinds of endpoint integrations that are likely to frustrate
    - How to rethink SIEM data collection and analysis for better detection

Embed in website or blog