Hi [[ session.user.profile.firstName ]]

Shoot for the...Cloud?

Is your organization moving to Amazon Web Services? Or are you a seasoned AWS pro, but need to know where to start to secure it?

It’s a fact—Cloud environments aren’t going away anytime soon. Cloud adoption is expected to grow at 12.4% annually until 2025. When you need to get started in a new cloud environment, or secure an existing one, vulnerability management is the place to start.

Join Josh Frantz to learn the fundamentals of setting up vulnerability management in your cloud environment and common pitfalls to watch out for. You may even pick up a few good wise cracks along the way.

In this webinar we will cover:

The future of the cloud infrastructure landscape
Some common misconceptions. Did you know AWS doesn’t secure your environment for you?
Vulnerability Management best practices
How Rapid7 and InsightVM can help
Recorded Mar 12 2020 45 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Daniel Prauser
Presentation preview: Shoot for the...Cloud?

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Cloud Identity Security: Challenges and Solutions Oct 27 2020 3:00 pm UTC 47 mins
    Jeremy Snyder, Senior Director of Solutions Engineering
    Strong identity and access management (IAM) is one key to preventing data breaches and limiting the blast radius should a security incident occur. But cloud IAM presents a new set of constructs for organizations to build and manage. Is cloud IAM the best identity and access control ever, or yet one more reason to tear your hair out in frustration?

    Join Jeremy Snyder, Senior Director of Solutions Engineering from DivvyCloud by Rapid7 as he discusses why managing cloud IAM is so complex, what challenges this creates for IT and cybersecurity professionals, and how leading organizations governing cloud IAM to reduce risk and the chance of a data breach.

    Key takeaways include understanding how to:
    -Gain visibility to assess, prioritize and remediate improper permission combinations that grant unintended or overly permissive access.
    -Reduce access down to least privilege.
    -Work to minimize cloud security blast radius.
  • Looking for an MSSP? Make Sure You Choose Wisely Oct 13 2020 2:00 pm UTC 45 mins
    Jake Godgart, Product Marketing, Managed Services at Rapid7 & Jeff Gardner, D&R Practice Advisor at Rapid7
    With the challenges of finding top security talent, managed security services providers (MSSPs) are an increasingly popular option for a few simple reasons: They provide an affordable, subscription-based security model for teams looking to augment or fully offload the burden of monitoring, managing, and responding to security threats. But not all MSSPs are equal and there are certain elements companies should understand to be sure they’re choosing the right MSSP for their security and business needs.

    Join us to learn about what you should look for in a managed security service partner and what considerations you need to make if you’re going to evaluate building or buying into your Security Operations Centre (SOC).


    Join the webcast to learn about:

    - Alternatives to building a security program from scratch
    - Differences between a Large MSSP and a MidSized MSSP
    - What services your team should invest in at each level of security maturity
    - The questions you should ask when evaluating managed security service providers
    - Top criteria for building and evaluating your shortlist
  • [APAC] This one time on a pen test Oct 8 2020 3:00 am UTC 45 mins
    Tod Beardsley, Research Director, Josh Wyatt, VP Security Services
    While we may play into the hacker hoodie stereotype, our pen testers and researchers are the core of what Rapid7 stands for. They shine a light on attacker behaviour, help us build better tools, and connect with the community.
  • [UK] Under the Hoodie 2020: Report Highlights Oct 7 2020 12:00 pm UTC 45 mins
    Chris Hartley - Regional Director UK & Ireland, Rapid7. Matt Rider - Director, International Engineering, Rapid7
    Rapid7’s Under the Hoodie report is an annual, statistical study of the art of penetration testing. This year, we collected data from 206 penetration testing engagements from June 6, 2019 through June 4, 2020 and distilled it to reveal the most successful penetration tactics and common areas of exploitation.

    Join Rapid7’s Chris Hartley, Director UK & Ireland and Matt Rider, Director, International Engineering, to hear the highlights from this year’s report and stories from the trenches, you’ll also get the opportunity to ask your most pressing questions!
  • [APAC] 5 Reasons to Outsource Detection & Response Operations Oct 1 2020 4:00 am UTC 38 mins
    Chris Hartley - Regional Director for UK & Ireland, Rapid7, and Warwick Webb - Security Practitioner, Rapid7
    Security has played a positive role in enabling business over the recent weeks. This has been demonstrated by allowing remote workforces to remain productive and the hard work of security teams to keep operations running. However all this is putting a strain on the internal resources trying to protect their critical business assets from both external attackers and insider threats.

    At Rapid7 we are taking a practical role in helping ensure security advice and guidance is available for all, and we will be running a series of talk tracks to help provide a measured perspective on how to remain secure and operational with the resources you have.

    Join us for this live talk where Chris Hartley, Director at Rapid7 UK & Ireland, and Warwick Webb, Security Practitioner, will discuss the top 5 reasons why some organisations are looking to augment or outsource their threat detection and response operations including:

    · Talent shortage in cybersecurity and why specialisation is key
    · Business continuity and the impact of ‘always on’
    · Threat intelligence and global visibility of the threat landscape
    · Role of threat hunters in incident response

    We’ll also be joined by customer, Simon Parry from the Development Bank of Wales to reveal how they are using managed services in their own environment and which elements of managed detection and response are most important the success of their security program.
  • This one time on a pen test Sep 30 2020 2:00 pm UTC 45 mins
    Tod Beardsley, Research Director, Josh Wyatt, VP Security Services
    While we may play into the hacker hoodie stereotype, our pen testers and researchers are the core of what Rapid7 stands for. They shine a light on attacker behavior, help us build better tools, and connect with the community.

    Rapid7’s Under the Hoodie report is an annual, statistical study of the art of penetration testing. This year, we collected data from 206 penetration testing engagements from June 6, 2019 through June 4, 2020 and distilled it to reveal the most successful penetration tactics and common areas of exploitation.

    Tune in to hear the highlights from this years report, listen to stories from the trenches, featuring one of our own penetration testers, and get your most pressing questions answered by our team of experts.
  • Case Study: Schutz und Compliance für einen deutschen Energieversorger (German) Sep 29 2020 7:00 am UTC 46 mins
    Benjamin Nawrath, Fachbereichsleiter IT Systemtechnik und CISO, Energie Südbayern
    Deutsche KRITIS-Betreiber stehen immer wieder im Visier der Hacker. Cyber-Kriminelle, Hacker und staatlich finanzierte Akteure haben heute die Motive und die Fähigkeiten, erfolgreich anzugreifen, um sensible betriebliche und Kundendaten zu stehlen, Unternehmen zu erpressen oder kritische Systeme zu stören oder sogar zu zerstören.

    Energie Südbayern (ESB) ist ein Energieversorger und -dienstleister, der Erdgas für rund 160.000 Haushalte in Süddeutschland bereit stellt. Als größter regionaler Anbieter beschäftigt ESB ungefähr 370 Angestellte.

    Benjamin Nawrath, Fachbereichsleiter IT Systemtechnik und CISO bei ESB, ist dafür verantwortlich, die Verfügbarkeit, Integrität, Authentizität und Vertraulichkeit der komplexen IT-Infrastruktur (einschließlich 2.000 IP-Adressen) zu gewährleisten.

    Seit knappen drei Jahren hat die ESB die Kombination aus InsightVM und InsightIDR, den Rapid7-Lösungen für Schwachstellen-Management und Incident Detection and Response, im Einsatz. In dieser Zeit konnte Herr Nawrath nachweislich die Reaktionszeiten auf Incidents um 60% reduzieren, das Bedrohungsniveau durch Schwachstellen senken, und die Einhaltung des deutschen IT-Sicherheitsgesetzes (ITSG) sicherstellen.

    In diesem Webcast berichtet Benjamin Nawrath über seine Erfahrungen mit den Rapid7-Produkten und beantwortet Fragen wie:

    Warum hat er sich für Rapid7 entschieden?
    Wie geht die ESB mit dem Thema Cloud um?
    Wie lief die Implementierung, wie groß war der damit verbundene Aufwand?
    Wie lange hat es gedauert, bis erste Ergebnisse sichtbar waren?
    Wie sieht die tägliche Arbeit mit den Lösungen aus?
  • 5 Reasons to Outsource Detection & Response Operations Sep 24 2020 9:00 am UTC 38 mins
    Chris Hartley - Regional Director for UK & Ireland, Rapid7, and Warwick Webb - Security Practitioner, Rapid7
    Security has played a positive role in enabling business over the recent weeks. This has been demonstrated by allowing remote workforces to remain productive and the hard work of security teams to keep operations running. However all this is putting a strain on the internal resources trying to protect their critical business assets from both external attackers and insider threats.

    At Rapid7 we are taking a practical role in helping ensure security advice and guidance is available for all, and we will be running a series of talk tracks to help provide a measured perspective on how to remain secure and operational with the resources you have.

    Join us for this live talk where Chris Hartley, Director at Rapid7 UK & Ireland, and Warwick Webb, Security Practitioner, will discuss the top 5 reasons why some organisations are looking to augment or outsource their threat detection and response operations including:

    · Talent shortage in cybersecurity and why specialisation is key
    · Business continuity and the impact of ‘always on’
    · Threat intelligence and global visibility of the threat landscape
    · Role of threat hunters in incident response

    We’ll also be joined by customer, Simon Parry from the Development Bank of Wales to reveal how they are using managed services in their own environment and which elements of managed detection and response are most important the success of their security program.
  • Identities, Privileged Access & Cloud Security Recorded: Sep 23 2020 59 mins
    Brandon S. Dunlap; Jeremy Snyder, Rapid 7; Morten Boel Sigurdsson, Omada; Corey Williams, CyberArk
    Securing the access to cloud data assets has never been more important. According to the latest Verizon DBIR, 73% of cloud breaches involved an email or web application server, while 77% of these cloud breaches also involved breached credentials. What does this mean for enterprise cloud security, especially in the time of COVID19 and remote working?

    Join this keynote panel to learn more about:
    - How the landscape has changed in 2020
    - Why attackers are focused on identities
    - Understanding privileged user behavior and securing identities
    - Discover how organizations are doing IAM, and what's needed for a more secure enterprise
    - Best practices and recommendations by the experts
  • [APAC] How to Prove the ROI of Your Detection and Response Program Recorded: Sep 23 2020 48 mins
    Meaghan Donlon, Senior Product Marketing Manager, Rapid7
    Articulating the return on investment (ROI) of your security program can be a challenge - especially when you’re communicating to stakeholders outside of your core team. While security professionals might know “good” when they see it, understanding the ROI of your program is still a worthwhile exercise. Insight on your ROI is valuable for communicating with stakeholders, influencing company culture and behavior around security, and evaluating investments. In this webcast we’ll talk about how to evaluate the ROI of your detection and response program, and also explore strategies on how to leverage this data to shift perception around security at your business.
  • Cloud Identity Security: Challenges and Solutions Recorded: Sep 22 2020 48 mins
    Jeremy Snyder, Senior Director of Solutions Engineering
    Strong identity and access management (IAM) is one key to preventing data breaches and limiting the blast radius should a security incident occur. But cloud IAM presents a new set of constructs for organizations to build and manage. Is cloud IAM the best identity and access control ever, or yet one more reason to tear your hair out in frustration?

    Join Jeremy Snyder, Senior Director of Solutions Engineering from DivvyCloud by Rapid7 as he discusses why managing cloud IAM is so complex, what challenges this creates for IT and cybersecurity professionals, and how leading organizations governing cloud IAM to reduce risk and the chance of a data breach.

    Key takeaways include understanding how to:
    -Gain visibility to assess, prioritize and remediate improper permission combinations that grant unintended or overly permissive access.
    -Reduce access down to least privilege.
    -Work to minimize cloud security blast radius.
  • Life on the Front Lines - Staying Sane in the SOC Recorded: Sep 16 2020 57 mins
    Diana Kelley, SecurityCurve | Vinay Pidathala, Menlo Security | Delyan Nestorov, Rapid7 | Charity Wright, Recorded Future
    Join this episode of The (Security) Balancing Act for an insider's view of life on the front lines of cybersecurity.

    This panel will look into what it's like to work in and manage a Security Operations Center (SOC), as well as share best practices for keeping your team of front-line defenders sane, empowered and happy, and your organization secure.

    The topics up for discussion during this episode include:
    - What kind of people are best suited for work in a SOC?
    - What kind of training / certifications / skills are needed to be successful?
    - How to handle alert fatigue and analyst overload?
    - Is automation (ML & AI) the answer?
    - What do you do when IOCs aren't enough?
    - Hunters vs. responders, what's the difference?
    - How the pandemic is impacting security operations?
    - Building a healthy team culture and managing self-care in the age of breaches
    - What's needed to make life easier for these front-line cyber defenders

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Angriffserkennung und -abwehr: Aufbauen oder kaufen? Recorded: Sep 10 2020 55 mins
    Daniel Prauser Manager, Solutions Engineering
    Die IT Landschaften der Unternehmen unterziehen sich aktuell einer starken Veränderung. Security-Teams stehen vor der Herausforderung die Sicherheit und Sichtbarkeit trotz der steigenden Anzahl an Remote Arbeitsplätzen zu gewährleisten.

    Wenn ein Mitarbeiter remote arbeitet, kann es für Sicherheitsteams eine Herausforderung werden, zu definieren, welches Verhalten für den Benutzeraccount “normal” ist. Wie unterscheidet man nun zwischen einem legitimen und einem verdächtigen Standortwechsel? Wie erkennt man schnell ungewöhnliches Nutzerverhalten, und was passiert dann?

    Wer sich auf die Suche nach einer technologischen Lösung begibt, stößt schnell auf eine ganze Reihe an Abkürzungen: SIEM, IDR, MDR, SOC, UBA, ABA, EDR, IDS und viele andere.

    Ein SIEM-System ist womöglich das bekannteste Tool. Doch ist das für Sie das richtige? Nach welchen Kriterien entscheiden Sie sich? Wann ist es sinnvoll, sich mit dem Aufbau eines eigenen SOC zu beschäftigen? Wann sollte man lieber outsourcen?

    Im Webinar besprechen wir folgende Punkte:

    • Was ist was: Begriffe und deren Einordnung
    • Angriffserkennung und -abwehr: Lösung im Haus vs. Managed Service
    • Anforderungen an das eigene Programm zur Angriffserkennung und -abwehr
    • Wie ausgereift ist IT-Sicherheit in Ihrem Unternehmen?
    • Wann ist es sinnvoll auf Managed Service zu setzen?
    • Was ist für Sie das Richtige?
  • Best Practices for Threat Detection and Response for Business Resilience Recorded: Sep 9 2020 62 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 & Ellis Fincham, Incident Detection & Response Specialist, Rapid7
    A Gartner survey suggests that 41% of employees are likely to continue working from home once a return to normal working is permitted. That puts companies under pressure to maintain and improve their security operations even in the pandemic aftermath. Leaders are now developing cybersecurity strategies on how to maintain operations while shifting and dividing workforces safely and efficiently.

    Learn the best practices for scaling threat detection and response programs to levels now required to encompass both remote workers and the office workers, and how to connect your teams and tools for clear communication and complete integration across your tech stack.
  • [Panel Talk] 2020 NICER Report: Focus on the UK Internet Risk Landscape Recorded: Sep 8 2020 42 mins
    Rapid7’s Chris Hartley - Director, UK & Ireland, Matt Rider - Director, International Engineering
    Rapid7’s National / Industry / Cloud Exposure Report (NICER) for 2020 is the most comprehensive census of the modern internet. In a time of global pandemic and recession, the Rapid7 research team offers this data-backed analysis of the changing internet risk landscape, measuring the prevalence and geographic distribution of commonly known exposures in the interconnected technologies that shape our world.

    Join Rapid7’s Chris Hartley, Director UK & Ireland and Matt Rider, Director, International Engineering, for an informational session diving into the key findings and UK observations of the 2020 NICER report.

    Key takeaways:
    - Discover the state of the UK’s security posture in 2020
    - Understand how internet risk has been affected by the pandemic and technological movements to the cloud
    - Learn actionable next steps to help keep yourself and your organisation safe on the internet
  • SOAR: IT Security Automatisieren – Ganz Ohne Code (German) Recorded: Sep 3 2020 28 mins
    Phillip Behmer
    Im Durchschnitt benutzen Security-Teams 57 unterschiedliche Produkte. Und selbst wenn es nur 10 sind, reicht dies oftmals schon aus, um einen Mitarbeiter durch den ständigen Kontextwechsel zu überlasten. Berücksichtigt man darüber hinaus die wachsende Komplexität moderner IT-Landschaften und die damit einhergehende Alarmüberflutung, ist es kein Wunder, dass es im Schnitt 279 Tage dauert, bis ein Angriff erkannt und eingedämmt wird.

    Der Einsatz moderner Technologien hingegen ermöglicht es Ihnen zeitintensive Prozesse automatisiert auszuführen. Mit spezialisierten Tools zur Automatisierung & Orchestrierung der gängigen Security-Workflows können Sie Unmengen an Zeit sparen und Ihre Mitarbeiter dort einsetzen, wo menschliches Know-How unverzichtbar ist.

    In unserem Webinar beleuchten wir:

    Welche gängigen Prozesse sich automatisieren lassen
    Wie diese Workflows in der Praxis aussehen
    Welcher Aufwand damit verbunden ist, automatisierte Prozesse einzuführen
    Ein kleiner Ausblick vorweg:

    Onboarding eines neuen Mitarbeiters: 5 Minuten statt 8 Stunden
    Eine Phishing-Alert-Investigation: 5 Minuten statt 75 Minuten
    Schwachstellen-Remediation: Minuten statt Stunden oder gar Tage
    Im Webinar lernen Sie zudem, wie Sie diese Aufgaben mit Hilfe von InsightConnect bewältigen können.
  • Application Security: Operating in the Post-Pandemic World Recorded: Sep 2 2020 56 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 7 Marcus Eaton, Lead Security Solutions Engineer, Rapid7
    The world has seen a new reliance on digital solutions during the pandemic. Digitalisation has stepped in to bridge the gaps left by mandatory shutdowns and social distancing rules. The pandemic has made developing and updating apps not just a nice-to-have marketing tool, but a necessary task for business survival. Without digital tools and technologies, we wouldn’t be able to shop, work or stay in touch with each other.

    Because of this difficult situation between pandemic-induced operational priorities and an urgent need to innovate, security and DevOps teams are (seemingly) left with two options: sacrifice speed for security, or sacrifice security for speed. However, we think there are better ways forward.
  • Applying an ROI Framework to Your Vulnerability Management Program Recorded: Aug 26 2020 46 mins
    Tori Sitcawich, Product Marketing Manager
    Watch this on-demand webcast to learn how to quantify the value of switching to InsightVM, and also how to quantify the value of a vulnerability risk management solution in general.

    InsightVM is Rapid7’s vulnerability risk management offering that helps security teams:

    Gain Clarity into Risk and Across Teams
    Extend Security’s Influence
    See Shared Progress
    Watch to learn more about the benefits of InsightVM from a security, financial, and business perspective. We’ll deep dive into the cost, benefit, flexibility, and risk factors that go into purchasing InsightVM. These will provide you with a framework to evaluate if switching to InsightVM is right for you and your business.

    We’ll also direct you to the available resources that can further assist with your decision-making. Vulnerability Management is a core part of any security program. Make sure the product you’re using is providing you with the most value.
  • Best Practices for Threat Detection and Response for Business Resilience Recorded: Aug 25 2020 63 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 & Ellis Fincham, Incident Detection & Response Specialist, Rapid7
    A Gartner survey suggests that 41% of employees are likely to continue working from home once a return to normal working is permitted. That puts companies under pressure to maintain and improve their security operations even in the pandemic aftermath. Leaders are now developing cybersecurity strategies on how to maintain operations while shifting and dividing workforces safely and efficiently.

    Learn the best practices for scaling threat detection and response programs to levels now required to encompass both remote workers and the office workers, and how to connect your teams and tools for clear communication and complete integration across your tech stack.
  • Rapid7 Research: Latest Threat Report Recorded: Aug 25 2020 60 mins
    Wade Woolwine, Prin. Threat Intelligence Researcher; Kwan Lin, Prin. Data Scientist
    We hope this edition of Rapid7’s quarterly threat readout finds you safe (at least from poorly crafted pandemic-themed marketing emails). There is no doubt that the key theme for the first quarter of 2020 is “the new normal” in our lives and in our workplaces. It has been a time of change, adaptation, confusion, and fear. In other words, the perfect recipe for attackers.

    For this quarterly report, we have decided to focus on threats originating from COVID-19 or the changes to our lifestyles, workstyles, and the threat landscape.

    Join Rapid7's Research team as they dive into the key findings from our lastest version of the Quarterly Threat Report.
Powering the Practice of SecOps
Organizations around the globe trust Rapid7 technology, services, and research to help them securely advance. The visibility, analytics, and automation delivered through our Insight cloud simplifies the complex and helps security teams reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Learn more at www.rapid7.com

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Shoot for the...Cloud?
  • Live at: Mar 12 2020 1:40 pm
  • Presented by: Daniel Prauser
  • From:
Your email has been sent.
or close