
Behind the Scenes of Managed Detection & Response Service

You might think of a security operations center like a stereotypical movie war room: a dark room filled with complex maps, fancy monitors, and analysts on headsets. However, most SOCs aren't really a physical presence or room; more accurately, they're a formally organised team that's dedicated to a specific set of security roles and responsibilities for detecting and validating threats within your environment.
No matter a company's size or purpose, it’s valuable to have a dedicated organisational-level team whose job is to constantly monitor security operations and incidents and respond to any issues that may arise. The various responsibilities within a cybersecurity team can be extremely complex, and a SOC can not only serve as the tactical console to empower team members in performing their day-to-day tasks, but also as a strategic center to keep the team aware of bigger, longer-term security trends.

In this webcast, our threat detection specialists will reveal:
· How known and unknown threats are identified in our customer environments
· The intelligence behind threat hunting
· How our SOC uses threat intelligence to detect, investigate and respond to incidents
· What a typical day in the life of a SOC Analyst looks like
Recorded May 22 2020 48 mins
Presented by
Marcus Eaton, Lead Security Solutions Engineer, Jason Prescott, Manager Threat Detection, Douglas Wainer, Threat Analyst
  • Improving Patching Efficiency with Automation Aug 6 2020 8:00 am UTC 46 mins
    Justin Buchanan, Senior Product Marketing Manager Nick McKee, Technical Product Manager
    You have a good process down when it comes to understanding risk in your environment, but how do you go about working with other teams and implementing processes to actually reduce the risk? This can be quite challenging, especially if you’re reducing all risk manually. Join us as we dive into the most common challenges faced when it comes to risk reduction, how to overcome these challenges in tactical ways, and the automation capabilities available in Rapid7 InsightVM that help you reduce risk in a big way.

    During this webcast, you’ll learn about:

    Top challenges that prevent the acceleration of remediation and risk reduction
    Actionable ways to overcome top remediation challenges that you can start implementing today
    InsightVM’s risk reduction capabilities that save you a lot of time and headaches
  • Industry Cyber Exposure Report: Deutsche Börse Prime Standard 320 (English) Jul 23 2020 8:00 am UTC 56 mins
    Bob Rudis, Chief Data Scientist, Rapid7 Tod Beardsley, Research Director, Rapid7
    Rapid7 runs several research projects, such as Project Sonar, Project Heisenberg, Under the Hoodie, the National Exposure Index and Threat Intelligence. This time our researchers have turned their attention to Germany and examined the threat landscape across 320 companies traded on the Deutsche Börse (Prime Standard). The authors, Tod Beardsley, Rapid7 Research Director, and Bob Rudis, Chief Data Scientist, present this brand-new study.

    The following topics will be covered:

    - How exposed German companies are to attack in international comparison
    - Industries that unknowingly emit malicious traffic, such as EternalBlue exploits and DDoS attacks
    - The danger posed by cloud-based third-party services
    - Adoption of the anti-spoofing technique DMARC in Germany

    Rapid7's Industry Cyber Exposure Reports aim to show how resilient companies and industries are against cyberattacks. Knowing this current state of security helps companies plan their cybersecurity investments and take measures to improve their protection against cyber threats. The report is also intended to give impetus to improving cooperation between the government and German business, so that users and companies alike can operate more securely.
  • Protecting Your Business from Nation State Attacks Jul 21 2020 4:00 pm UTC 60 mins
    Diana Kelley | Matt Rider
    Cyberattacks attributed to foreign governments have been on the rise for years, many against organizations all over the world. These attacks try to steal online account information, infect computers, and compromise the safety of networks. Targets of these attacks include think tanks, university staff, government employees, and even members of organizations focused on human rights issues.

    As these attacks increase in prevalence and sophistication, organizations are taking notice of the threats posed by hostile state actors and state-sponsored cybercriminal groups.

    So, how can businesses protect against them?

    Join today's episode of The (Security) Balancing Act with Diana Kelley to learn whether your business should be concerned about nation state attacks and what to do about it.

    The topics up for discussion will include:
    - State actors & rise in cyber crime
    - How the attackers get in
    - A review of recent nation-state campaigns
    - How does this impact organizations across different verticals (Financial vs Healthcare vs Government)
    - How industry and law enforcement are responding to these attacks
    - How AI and ML may change cybercriminal tactics
    - How to deal with threats from criminals and hostile states

    Panelists:
    - Matt Rider, International Engineering Director, Rapid7
    - Other panelists TBA

    We welcome viewer participation and questions during this interactive panel session.
  • 2020 Threat Report Jul 16 2020 1:00 pm UTC 54 mins
    Wade Woolwine, Prin. Threat Intelligence Researcher; Kwan Lin, Prin. Data Scientist; Tod Beardsley, Research Director
    At Rapid7, we’re obsessed with giving our customers, prospects, and the industry as a whole the knowledge, tools, and telemetry to achieve positive outcomes within their security programs.

    In our latest threat telemetry data analysis we look at how internet-exposed systems and valid accounts are being targeted by attackers and provide recommendations to mitigate and remediate these threats.

    We also cover how to measure and improve how external attackers see your organization with respect to what systems and services are available on the internet, discuss the importance of account security through multi-factor authentication, password complexity requirements and more.

    Tune in as our research team provides you with the insight needed to help you prioritize these threats and safeguard your employees and business.
  • SOAR: Automating IT Security – Entirely Without Code (German) Jul 16 2020 8:00 am UTC 28 mins
    Phillip Behmer
    On average, security teams use 57 different products. And even if it is only 10, that is often enough to overload an employee through constant context switching. If you also take into account the growing complexity of modern IT landscapes and the resulting flood of alerts, it is no wonder that it takes an average of 279 days to detect and contain an attack.

    Modern technologies, by contrast, let you run time-intensive processes automatically. With specialised tools for automating and orchestrating common security workflows, you can save vast amounts of time and deploy your staff where human know-how is indispensable.

    In our webinar we look at:

    - Which common processes can be automated
    - What these workflows look like in practice
    - What effort is involved in introducing automated processes

    A quick preview:

    - Onboarding a new employee: 5 minutes instead of 8 hours
    - A phishing alert investigation: 5 minutes instead of 75 minutes
    - Vulnerability remediation: minutes instead of hours or even days

    In the webinar you will also learn how to handle these tasks with the help of InsightConnect.
  • Rapid7 Cyber Threat Research: What you need to know now Jul 9 2020 12:00 pm UTC 45 mins
    Chris Hartley - Regional Director UK & Ireland, Rapid7. Matt Rider - Director, International Engineering, Rapid7
    We believe security is the responsibility of all technology users, manufacturers, and intermediaries and that collaboration is the only way to achieve long-term change. That’s why we’re committed to openly sharing security information, helping our peers to learn, grow, and develop new capabilities, and supporting each other in raising and addressing issues that affect the cybersecurity community.


    In the first of a new series of webinars, Rapid7’s UK & Ireland Director, Chris Hartley, and International Director of Engineering, Matt Rider, will introduce the breadth of Rapid7’s research, sharing key insights for security professionals and organisations of any size looking to improve their approach to cybersecurity.

    Key Takeaways:

    - Discover the changes that the last three months have brought in terms of exposure, cyber attacks and how to approach cybersecurity
    - Understand how the FTSE 250’s attack surface has expanded and what this means for UK organisations
    - Learn how you can reduce the risk of exposure in your organisation and industry
  • Industry Cyber Exposure Report: FTSE 250+ Recorded: Jun 25 2020 51 mins
    Tod Beardsley, Research Director, Rapid7, Bob Rudis, Chief Senior Data Scientist, Rapid7
    Rapid7 researchers have released their latest look into corporate exposure, this time focusing on the UK’s FTSE 250. The report reveals that even large, mature, and well-resourced organisations are falling short of meeting cybersecurity basics, leaving them susceptible to risk.

    In this webinar, Rapid7's Tod Beardsley, Research Director, and Bob Rudis, Chief Security Data Scientist, will share insights from the research and recommendations for organisations looking to improve their approach to cybersecurity in the highlighted weak areas.

    Key takeaways:
    - Hear how the attack surface for FTSE 250 has expanded, and new areas to consider
    - Learn what the common problem areas are for each of the surveyed industries
    - Gain an understanding of how organisations can take action to reduce their exposure risk
  • Cloudy with a Chance of Misconfiguration Recorded: Jun 18 2020 43 mins
    Bulut Ersavas, Senior Manager, Product Management, Rapid7 and Brandon Turner, Senior Director, Software Engineering, Rapid7
    Misconfigurations in the cloud are becoming a prevalent source of risk for organizations as more and more businesses move their infrastructure to the cloud. The root cause of this increased risk is that in a cloud environment, far more people can set up and deploy network infrastructure, whereas in an on-premises network, that ability is usually restricted to IT professionals who are well-versed in security best-practices.

    It’s important to note that while misconfigurations are a risk, they can be effectively managed. With the right tools and processes in place, you can leverage cloud infrastructure in a secure way. Correctly configuring cloud infrastructure requires close collaboration among development, IT, operations, and security teams. It also requires an understanding of proper configurations.

    As a result, scanning for vulnerabilities alone is not enough to manage risk in your cloud infrastructure—you also need a strategy to prevent misconfigurations, as well as a purpose-built way to detect them when they still manage to sneak their way through.

    Join Rapid7’s Bulut Ersavas, Senior Manager, Product Management and Brandon Turner, Senior Director, Software Engineering to learn about:

    - Common types of misconfigurations
    - How to discover misconfigurations
    - How to prevent misconfigurations
    - How to implement cloud security best practices
  • Insider Threats Recorded: Jun 16 2020 60 mins
    Arun Kothanath, Shahrokh Shahidzadeh, Eitan Bremler, John Pepe & Jeremiah Dewey
    There have been countless insider threat breaches recently, so it’s no surprise that research suggests that up to 60% of cyberattacks are due to insider threats. With so much at stake, it's vital for organizations to protect against insider threats.

    Join this interactive panel of industry experts as they discuss:

    - How to protect your organisation from insider threats
    - Latest technologies and solutions
    - Benefits of early and timely detection

    Arun Kothanath, Chief Security Strategist, Clango (Moderator)
    Shahrokh Shahidzadeh, CEO, Acceptto
    Eitan Bremler, Co-Founder & VP Corporate Development, Safe-T
    John Pepe, Regulatory Technology and Counsel, Proofpoint
    Jeremiah Dewey, VP of Managed Services, Rapid7
  • How to Prove the ROI of Your Detection and Response Program Recorded: Jun 11 2020 48 mins
    Meaghan Donlon, Senior Product Marketing Manager, Rapid7
    Articulating the return on investment (ROI) of your security program can be a challenge - especially when you’re communicating to stakeholders outside of your core team. While security professionals might know “good” when they see it, understanding the ROI of your program is still a worthwhile exercise. Insight on your ROI is valuable for communicating with stakeholders, influencing company culture and behavior around security, and evaluating investments. In this webcast we’ll talk about how to evaluate the ROI of your detection and response program, and also explore strategies on how to leverage this data to shift perception around security at your business.
  • Is Your Organization Ready for Automation? Recorded: Jun 10 2020 59 mins
    Cindy Jones, Kevin Gilstrap, Scott King, and Michael Clark
    Today’s security and IT teams are struggling to keep up. The digital landscape is constantly changing and between disparate, unintegrated systems and repetitive, manual processes, security teams are having a difficult time getting ahead. There are too many alerts, not enough time to investigate them all, and staff are on the verge of burnout.

    Security orchestration and automation (SOAR) tools introduce ways for security teams to streamline and improve their everyday processes. But, is your organization ready for automation?

    Join us for an engaging discussion where you’ll learn:

    Key considerations that should be in place before implementing automation
    When is the right time to add automation (and when it isn’t)
    Which common security tasks are ideal to automate
    How to prepare your organization for SOAR


    Cindy Jones, Principal Advisory Services Consultant
    Kevin Gilstrap, Mgr, Security Consulting
    Scott King, Sr. Director, Advisory Services
    Michael Clark, Principal Incident Response Consultant
  • 5 Reasons to Outsource Detection & Response Operations Recorded: Jun 9 2020 38 mins
    Chris Hartley - Regional Director for UK & Ireland, Rapid7, and Warwick Webb - Security Practitioner, Rapid7
    Security has played a positive role in enabling business over the recent weeks. This has been demonstrated by allowing remote workforces to remain productive and by the hard work of security teams to keep operations running. However, all this is putting a strain on the internal resources trying to protect their critical business assets from both external attackers and insider threats.

    At Rapid7 we are taking a practical role in helping ensure security advice and guidance is available for all, and we will be running a series of talk tracks to help provide a measured perspective on how to remain secure and operational with the resources you have.

    Join us for this live talk where Chris Hartley, Director at Rapid7 UK & Ireland, and Warwick Webb, Security Practitioner, will discuss the top 5 reasons why some organisations are looking to augment or outsource their threat detection and response operations including:

    · Talent shortage in cybersecurity and why specialisation is key
    · Business continuity and the impact of ‘always on’
    · Threat intelligence and global visibility of the threat landscape
    · Role of threat hunters in incident response

    We’ll also be joined by customer Simon Parry from the Development Bank of Wales to reveal how they are using managed services in their own environment and which elements of managed detection and response are most important to the success of their security program.
  • Optimizing Email Security with Rapid7 InsightConnect and Mimecast Recorded: Jun 5 2020 18 mins
    Jadon Montero, Senior Product Manager, SOAR, Rapid7 & Devin Hamilton, Product Manager API & Alliances at Mimecast
    As security teams continue to evolve, adapt, and innovate at a rapid rate, the struggle to balance increasing workloads with limited resources, complex ecosystems, and rising threats has never been greater. Security orchestration and automation (SOAR) helps teams improve their security posture and create efficiency—without sacrificing control of important security and IT processes.

    Learn how you can automate your security program from end-to-end by deeply integrating Mimecast with the rest of your security stack using Rapid7’s SOAR solution, InsightConnect.
  • [Panel Talk] Navigating the New Normal: Cyber & Cloud Best Practices Recorded: Jun 5 2020 32 mins
    Cindy Stanton, VP Product Marketing; Scott King, Director Security Advisory Services; Derek Abdine, Director Security Research
    As communities around the world start to discuss reopening, it poses a lot of questions for organizations:
    Is the virtual workforce here to stay, and what does it mean for your security posture? Which of the emergency security practices you enacted are working, and which are not? What role does the cloud play in all of this? Should you be accelerating migration plans? What immediate threats do you need to watch for? The list goes on.
    These are all equally important and valid questions, but knowing where to start can feel daunting.
    Join Rapid7’s Vice President of Product Marketing, Cindy Stanton; Senior Director, Security Advisory Services, Scott King; Senior Director, Security Research, Derek Abdine; and series moderator, Vice President Global Growth Marketing and Operations, Tom Rogers as they discuss industry trends and research they’ve been collecting, how they’re approaching security as it relates to reopening Rapid7, cloud best practices, and more.
  • Part 1: Managed Security Service (MSS) - People and Partners Recorded: Jun 3 2020 16 mins
    Garth Schwer - SOC Manager, Rapid7
    Transformation has brought vast benefits to many organisations. Yet, it’s about balancing risk and reward. The more organisations open up the perimeter fence, so to speak, the more opportunity there is for threats and risks to penetrate the business.

    Consider this, from 2019–2023, approximately $5.2 trillion in global value will be at risk from cyberattacks (Source: Accenture). As such, threat intelligence has become crucial in the transformation journey of an organisation.

    Join us for the first in a three-part series of webinars focused on the People, Process and Technology of Managed Security Services. Examined across the three pillars, we look at how managed security services offer a combination of expertise and technology to detect dynamic threats quickly across your entire ecosystem.
    In the first episode about people, we consider how, when IT is your constant focus, it’s easy to lose sight of why we do what we do.

    Technology exists to provide value to the people your business serves and employs. The human component of any technology service is often considered one of the most important aspects of great implementations.
  • 2020 Threat Report Recorded: Jun 3 2020 54 mins
    Wade Woolwine, Prin. Threat Intelligence Researcher; Kwan Lin, Prin. Data Scientist; Tod Beardsley, Research Director
  • [Panel Talk] Navigating the New Normal: Cyber & Cloud Best Practices Recorded: Jun 2 2020 32 mins
    Cindy Stanton, VP Product Marketing; Scott King, Director Security Advisory Services; Derek Abdine, Director Security Research
  • Behind the Scenes of Managed Detection & Response Service Recorded: May 26 2020 47 mins
    Marcus Eaton, Lead Security Solutions Engineer, Jason Prescott, Manager Threat Detection, Douglas Wainer, Threat Analyst
  • It's time to get cirrus about the cloud Recorded: May 22 2020 49 mins
    Graeme McMillan, Sr. Security Solutions Engineer & Justin Buchanan, Senior Manager of VM Offerings
    Find yourself gazing towards the cloud with roughly the same trepidation as the Wright brothers did when they looked to the clouds? Although somewhat daunting, the public cloud has sparked an IT migration worth billions.

    Many organizations have turned to the agility of the cloud as a means of accelerating growth and streamlining operations. However, with the somewhat endless list of services and options now available, some companies could certainly find themselves straying from a well-architected solution.

    Join Rapid7 as we explore the shift and share how to ensure you're formulating a secure cloud approach.
Powering the Practice of SecOps
Organizations around the globe trust Rapid7 technology, services, and research to help them securely advance. The visibility, analytics, and automation delivered through our Insight cloud simplifies the complex and helps security teams reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Learn more at www.rapid7.com
