
Behind the Scenes of Managed Detection & Response Service

You might think of a security operations center like a stereotypical movie war room: a dark room filled with complex maps, fancy monitors, and analysts on headsets. However, most SOCs aren't really a physical presence or room; more accurately, they're a formally organised team that's dedicated to a specific set of security roles and responsibilities for detecting and validating threats within your environment.
No matter a company's size or purpose, it’s valuable to have a dedicated organisational-level team whose job is to constantly monitor security operations and incidents and respond to any issues that may arise. The various responsibilities within a cybersecurity team can be extremely complex, and a SOC can not only serve as the tactical console to empower team members in performing their day-to-day tasks, but also as a strategic center to keep the team aware of bigger, longer-term security trends.

In this webcast, our threat detection specialists will reveal:
· How known and unknown threats are identified in our customer environments
· The intelligence behind threat hunting
· How our SOC uses threat intelligence to detect, investigate and respond to incidents
· What a typical day in the life of a SOC Analyst looks like
Recorded May 26 2020 47 mins
Presented by
Marcus Eaton, Lead Security Solutions Engineer, Jason Prescott, Manager Threat Detection, Douglas Wainer, Threat Analyst

  • Applying an ROI Framework to Your Vulnerability Management Program Aug 26 2020 1:00 pm UTC 46 mins
    Tori Sitcawich, Product Marketing Manager
    Watch this on-demand webcast to learn how to quantify the value of switching to InsightVM, and also how to quantify the value of a vulnerability risk management solution in general.

    InsightVM is Rapid7’s vulnerability risk management offering that helps security teams:

    Gain Clarity into Risk and Across Teams
    Extend Security’s Influence
    See Shared Progress
    Watch to learn more about the benefits of InsightVM from a security, financial, and business perspective. We’ll deep dive into the cost, benefit, flexibility, and risk factors that go into purchasing InsightVM. These will provide you with a framework to evaluate if switching to InsightVM is right for you and your business.

    We’ll also direct you to the available resources that can further assist with your decision-making. Vulnerability Management is a core part of any security program. Make sure the product you’re using is providing you with the most value.
  • Best Practices for Threat Detection and Response for Business Resilience Aug 25 2020 2:00 pm UTC 60 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 & Ellis Fincham, Incident Detection & Response Specialist, Rapid7
    A Gartner survey suggests that 41% of employees are likely to continue working from home once a return to normal working is permitted. That puts companies under pressure to maintain and improve their security operations even in the pandemic aftermath. Leaders are now developing cybersecurity strategies on how to maintain operations while shifting and dividing workforces safely and efficiently.

    Learn the best practices for scaling threat detection and response programs to levels now required to encompass both remote workers and the office workers, and how to connect your teams and tools for clear communication and complete integration across your tech stack.
  • Rapid7 Research: Latest Threat Report Aug 25 2020 1:00 pm UTC 60 mins
    Wade Woolwine, Prin. Threat Intelligence Researcher; Kwan Lin, Prin. Data Scientist
    We hope this edition of Rapid7’s quarterly threat readout finds you safe (at least from poorly crafted pandemic-themed marketing emails). There is no doubt that the key theme for the first quarter of 2020 is “the new normal” in our lives and in our workplaces. It has been a time of change, adaptation, confusion, and fear. In other words, the perfect recipe for attackers.

    For this quarterly report, we have decided to focus on threats originating from COVID-19 or the changes to our lifestyles, workstyles, and the threat landscape.

    Join Rapid7's Research team as they dive into the key findings from our latest version of the Quarterly Threat Report.
  • Cloud IAM is the New Perimeter, Learn How to Govern It or Lose Control Aug 20 2020 2:00 pm UTC 30 mins
    James Martin, Technical Product Manager and Chris Hertz, VP Cloud Security Sales, of DivvyCloud by Rapid7
    Strong IAM governance is the key to preventing data breaches and limiting the blast radius should a security incident occur.

    Join James Martin, Technical Product Manager, and Chris Hertz, VP Cloud Security Sales, of DivvyCloud by Rapid7, for a discussion on why managing cloud IAM is so complex, what challenges this creates for IT and cybersecurity professionals, and how leading organizations are governing cloud IAM to reduce risk and the chance of a data breach.

    Key takeaways include understanding how to:

    - Gain visibility to assess, prioritize and remediate improper permission combinations that grant unintended or overly permissive access.
    - Establish and maintain least privilege.
    - Limit cloud security blast radius.
  • Has recent rapid cloud adoption increased your threat risk? Aug 19 2020 2:00 am UTC 64 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 & Christopher Hertz, VP Cloud Security Sales, Rapid7
    It is through this period of disruption that businesses' priorities change & IT leadership has to evolve and adapt to support their businesses in order to find success at this difficult time. We have seen a rapid adoption of cloud services to enable businesses to continue to function and importantly change their business models to succeed.

    Remote working is not new, but the scale of it has shifted considerably. As such, the risk profile associated with our remote working changes, and the focus that we need to put on securing the technologies used by the employees increases.

    It’s time to embrace cloud capabilities that can help businesses address speed to market through agility, lower TCO and an increased security posture. Now is the time to look at using technology intelligently in order to help our economy and way of life recover, but it needs to be done securely.

    In this session, we’ll discuss how organisations accelerate their cloud adoption to allow business resilience and competitiveness, while cybersecurity leaders must address new and heightened cyber risk concerns surrounding such rapid change.
  • Augmenting Native Cloud Security Services to Achieve Enterprise-grade Security Recorded: Aug 13 2020 48 mins
    Thomas Martin former GE CIO and founder of NephōSec and Christopher Hertz, VP Cloud Security Sales at Rapid7
    Appropriate use of native security controls in Amazon Web Services, Microsoft Azure, and Google Cloud Platform is essential to managing cloud risk (and avoiding a costly breach). However, many organizations struggle with determining when and how to use these native security controls, doing so in a consistent fashion, and also understanding how and when to augment these to ensure continuous security and compliance.

    Join Thomas Martin (former GE CIO and founder of NephōSec) and Christopher Hertz (VP Cloud Security Sales at Rapid7) for a discussion on:

    - How and when to use native cloud security controls
    - Why and when you may want to augment these controls
    - How to leverage automation to gain continuous security and compliance in public cloud
  • Cloudy with a Chance of Misconfiguration Recorded: Aug 13 2020 40 mins
    Bulut Ersavas, Senior Manager, Product Management, Rapid7 and Brandon Turner, Senior Director, Software Engineering, Rapid7
    Misconfigurations in the cloud are becoming a prevalent source of risk for organizations as more and more businesses move their infrastructure to the cloud. The root cause of this increased risk is that in a cloud environment, far more people can set up and deploy network infrastructure, whereas in an on-premises network, that ability is usually restricted to IT professionals who are well-versed in security best-practices.
  • [Panel Talk] Remote Work Readiness: Leveraging Your Security Partners Recorded: Aug 12 2020 33 mins
    Rapid7’s VP - EMEA Sales David Howorth, VP - Managed Services Jeremiah Dewey, Mimecast's Director Enterprise Matthew Gardiner
    Companies have been taking major steps to manage their rapidly evolving environments - particularly around protecting their workforces, stabilising their supply chains, and focusing on their customer experience.
    If your business has been disrupted, your supply chain and partner vendors may have experienced some changes to their business continuity. What questions should you be asking them? What can you expect during this period of disruption?
    Rapid7’s Vice President of EMEA Sales David Howorth, and Vice President of Managed Services Jeremiah Dewey, will be joined by Mimecast's Director Enterprise Security Campaigns Matthew Gardiner to discuss how they are ensuring business continuity for their customers.
  • Application Security: Operating in the Post-Pandemic World Recorded: Aug 11 2020 57 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 & Marcus Eaton, Lead Security Solutions Engineer, Rapid7
    The world has seen a new reliance on digital solutions during the pandemic. Digitalisation has stepped in to bridge the gaps left by mandatory shutdowns and social distancing rules. The pandemic has made developing and updating apps not just a nice-to-have marketing tool, but a necessary task for business survival. Without digital tools and technologies, we wouldn’t be able to shop, work or stay in touch with each other.

    Because of this difficult situation between pandemic-induced operational priorities and an urgent need to innovate, security and DevOps teams are (seemingly) left with two options: sacrifice speed for security, or sacrifice security for speed. However, we think there are better ways forward.
  • 2020 NICER Report: A Briefing on Rapid7's Internet Atlas Recorded: Aug 11 2020 49 mins
    Tod Beardsley, Research Director & Bob Rudis, Sr. Director Chief Security Data Scientist
    Rapid7’s National / Industry / Cloud Exposure Report (NICER) for 2020 is the most comprehensive census of the modern internet. In a time of global pandemic and recession, the Rapid7 research team offers this data-backed analysis of the changing internet risk landscape, measuring the prevalence and geographic distribution of commonly known exposures in the interconnected technologies that shape our world.

    Join us for an informational session diving into the key findings and walk away with actionable next steps to help keep yourself and your organization safe on the internet.
  • Improving Patching Efficiency with Automation Recorded: Aug 6 2020 46 mins
    Justin Buchanan, Senior Product Marketing Manager; Nick McKee, Technical Product Manager
    You have a good process down when it comes to understanding risk in your environment, but how do you go about working with other teams and implementing processes to actually reduce the risk? This can be quite challenging, especially if you’re reducing all risk manually. Join us as we dive into the most common challenges faced when it comes to risk reduction, how to overcome these challenges in tactical ways, and the automation capabilities available in Rapid7 InsightVM that help you reduce risk in a big way.

    During this webcast, you’ll learn about:

    Top challenges that prevent the acceleration of remediation and risk reduction
    Actionable ways to overcome top remediation challenges that you can start implementing today
    InsightVM’s risk reduction capabilities that save you a lot of time and headaches
  • Behind the Scenes of Managed Detection & Response Service Recorded: Aug 6 2020 47 mins
    Marcus Eaton, Lead Security Solutions Engineer, Jason Prescott, Manager Threat Detection, Douglas Wainer, Threat Analyst
  • How to Prove the ROI of Your Detection and Response Program Recorded: Aug 5 2020 48 mins
    Meaghan Donlon, Senior Product Marketing Manager, Rapid7
    Articulating the return on investment (ROI) of your security program can be a challenge - especially when you’re communicating to stakeholders outside of your core team. While security professionals might know “good” when they see it, understanding the ROI of your program is still a worthwhile exercise. Insight on your ROI is valuable for communicating with stakeholders, influencing company culture and behavior around security, and evaluating investments. In this webcast we’ll talk about how to evaluate the ROI of your detection and response program, and also explore strategies on how to leverage this data to shift perception around security at your business.
  • Continuous Cloud Security and Compliance for Healthcare & Life Sciences Recorded: Aug 5 2020 31 mins
    Thomas Martin, Founder at NephōSec and former CIO at GE & Chris Hertz, VP Cloud Security Sales at DivvyCloud by Rapid7
    When it comes to the security and compliance of your enterprise cloud, healthcare and life sciences organizations must have an integrated, automated, enterprise-wide, multi-cloud approach to ensure regulatory compliance and complete data protection. Join Thomas Martin, Founder at NephōSec and former CIO at GE, along with Chris Hertz, Vice President Cloud Security Sales at DivvyCloud by Rapid7, for a review of the latest global trends in cloud risk for healthcare and how to achieve continuous full-life cycle security and compliance for multi-cloud environments.

    Key take-aways:
    - Global trends and challenges in cloud risk for healthcare
    - The benefits of a security-first design
    - Steps to implement integrated security and automation to achieve continuous security and compliance
  • Has recent rapid cloud adoption increased your threat risk? Recorded: Jul 28 2020 65 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 & Christopher Hertz, VP Cloud Security Sales, Rapid7
  • Industry Cyber Exposure Report: Deutsche Börse Prime Standard 320 (English) Recorded: Jul 23 2020 56 mins
    Bob Rudis, Chief Data Scientist, Rapid7 & Tod Beardsley, Research Director, Rapid7
    Rapid7 runs several research projects, such as Project Sonar, Project Heisenberg, Under the Hoodie, the National Exposure Index and Threat Intelligence. This time our researchers have turned their attention to Germany and examined the threat landscape across 320 companies traded on the Deutsche Börse (Prime Standard). The authors, Tod Beardsley, Rapid7 Research Director, and Bob Rudis, Chief Data Scientist, present this brand-new study.

    Topics covered:

    How exposed German companies are to attack compared with their international peers
    Industries that unknowingly emit malicious traffic, such as EternalBlue exploits and DDoS attacks
    The danger posed by cloud-based third-party services
    Adoption of the anti-spoofing technique DMARC in Germany

    Rapid7's Industry Cyber-Exposure Reports aim to show how resilient companies and industries are against cyberattacks. Knowing this current state of security helps companies plan their cyber security investments and take measures to improve their protection against cyber threats. The report is also intended to give impetus to better cooperation between the government and German industry, so that users and companies alike can operate more securely.
  • Protecting Your Business from Nation State Attacks Recorded: Jul 21 2020 59 mins
    Diana Kelley | Matt Rider | Etay Maor
    Cyberattacks attributed to foreign governments have been on the rise for years, many against organizations all over the world. These attacks try to steal online account information, infect computers, and compromise the safety of networks. Targets of these attacks include think tanks, university staff, government employees, and even members of organizations focused on human rights issues.

    As these attacks increase in prevalence and sophistication, organizations are taking notice of the threats posed by hostile state actors and state-sponsored cybercriminal groups.

    So, how can businesses protect against them?

    Join today's episode of The (Security) Balancing Act with Diana Kelley to learn whether your business should be concerned about nation state attacks and what to do about it.

    The topics up for discussion will include:
    - State actors & rise in cyber crime
    - How the attackers get in
    - A review of recent nation-state campaigns
    - How does this impact organizations across different verticals (Financial vs Healthcare vs Government)
    - How industry and law enforcement are responding to these attacks
    - How AI and ML may change cybercriminal tactics
    - How to deal with threats from criminals and hostile states

    Panelists:
    - Etay Maor, Chief Security Officer, IntSights
    - Matt Rider, International Engineering Director, Rapid7

    We welcome viewer participation and questions during this interactive panel session.
  • 2020 Threat Report Recorded: Jul 16 2020 54 mins
    Wade Woolwine, Prin. Threat Intelligence Researcher; Kwan Lin, Prin. Data Scientist; Tod Beardsley, Research Director
    At Rapid7, we’re obsessed with giving our customers, prospects, and the industry as a whole the knowledge, tools, and telemetry to achieve positive outcomes within their security programs.

    In our latest threat telemetry data analysis we look at how internet-exposed systems and valid accounts are being targeted by attackers and provide recommendations to mitigate and remediate these threats.

    We also cover how to measure and improve how external attackers see your organization with respect to what systems and services are available on the internet, discuss the importance of account security through multi-factor authentication, password complexity requirements and more.

    Tune in as our research team provides you with the insight needed to help you prioritize these threats and safeguard your employees and business.
  • SOAR: Automating IT Security – Entirely Without Code (German) Recorded: Jul 16 2020 28 mins
    Phillip Behmer
    On average, security teams use 57 different products. And even if it is only 10, that is often enough to overload an employee through constant context switching. If you also take into account the growing complexity of modern IT landscapes and the alert flood that comes with it, it is no wonder that it takes an average of 279 days for an attack to be detected and contained.

    Modern technologies, by contrast, let you run time-intensive processes automatically. With specialised tools for automating and orchestrating common security workflows, you can save vast amounts of time and deploy your staff where human know-how is indispensable.

    In our webinar we look at:

    Which common processes can be automated
    What these workflows look like in practice
    What effort is involved in introducing automated processes
    A quick preview:

    Onboarding a new employee: 5 minutes instead of 8 hours
    A phishing alert investigation: 5 minutes instead of 75 minutes
    Vulnerability remediation: minutes instead of hours or even days
    In the webinar you will also learn how to handle these tasks with the help of InsightConnect.
  • Full Enterprise Visibility In an EDR World Recorded: Jul 14 2020 49 mins
    Warwick Webb, Director of Detection and Response Services, Rapid7
    In this webinar, we’ll talk about a balanced approach to detection & response that leverages endpoint, network, user, and cloud service visibility to effectively detect & respond to the full range of threats facing enterprises today. We’ll do this through deep dives into 2 different real-world attacks detected and investigated by Rapid7's MDR team.

    Rapid7's Director of Detection and Response Services, Warwick Webb will discuss how logging and monitoring from the endpoint to the cloud helped the Rapid7 MDR team effectively identify these incidents, accurately assess scope and impact, and guide effective containment and eradication actions to eliminate the threat.

    Both attacks are valuable to learn about because:

    1) everyone is a target for ransomware
    2) webshells are multi-purpose and can be difficult to detect.

    Join us for this informative session.
Powering the Practice of SecOps
Organizations around the globe trust Rapid7 technology, services, and research to help them securely advance. The visibility, analytics, and automation delivered through our Insight cloud simplifies the complex and helps security teams reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Learn more at www.rapid7.com

  • Title: Behind the Scenes of Managed Detection & Response Service
  • Live at: May 26 2020 2:30 am
  • Presented by: Marcus Eaton, Lead Security Solutions Engineer, Jason Prescott, Manager Threat Detection, Douglas Wainer, Threat Analyst