2 min
Cloud Security
Top Challenges for Security Analytics and Operations, and How a Cloud-Based SIEM Can Help
To keep up and combat key security operations challenges, many organizations are making the move to the cloud for broader, more flexible detection and response coverage of their ever-changing security environments.
5 min
User Behavior Analytics
[Q&A] Why Every Threat Detection Strategy Needs User Behavior Analytics
VP of Product Sam Adams explains how UBA works and how it’s evolved over the years to become a core part of threat detection and response strategies.
17 min
InsightIDR
Universal Event Formats in InsightIDR: A Step-by-Step NXLog Guide
Follow this step-by-step walkthrough to use NXLog to transform an ingress authentication log into UEF.
2 min
User Behavior Analytics
Universal Event Formats Q&A: Apply User Behavior Analytics to More of Your Data
Rapid7 is proud to announce a new way to collect log data: Universal Event Formats. Here is a quick Q&A to give you the lowdown.
2 min
User Behavior Analytics
Deception Technology in InsightIDR: Setting Up Honey Users
Having the ability to detect and respond to user authentication attempts is a
key feature of InsightIDR [http://4hko.drordi.com/products/insightidr/],
Rapid7’s threat detection and incident response solution
[http://4hko.drordi.com/solutions/incident-detection-and-response/]. Users can
take this ability one step further by deploying deception technology, like honey
users, which come built into the product. A honey user is a dummy user not
associated with a real person within your organization. B
2 min
InsightIDR
2017 Gartner Magic Quadrant for SIEM: Rapid7 Named a Visionary
If you’re currently tackling an active SIEM project, it’s not easy to dig
through libraries of product briefs and outlandish marketing claims. You can
turn to trusted peers, but that’s challenging in a world where most leaders
aren’t satisfied with their SIEM [http://4hko.drordi.com/fundamentals/siem/],
even after generous amounts of professional services and third-party management.
Luckily, Gartner is no stranger to putting vendors to the test, especially for
SIEM, where since 2005 they’ve rele
5 min
SIEM
SIEM Market Evolution And The Future of SIEM Tools
There’s a lot to be learned by watching a market like SIEM adapt as technology evolves, both for the attackers and the analysis.
1 min
InsightIDR
Want to Try InsightIDR in Your Environment? Free Trial Now Available
InsightIDR, our SIEM powered by user behavior analytics, is now available to try in your environment. This post shares how it can help your security team.
4 min
User Behavior Analytics
SIEM Tools Aren't Dead, They're Just Shedding Some Extra Pounds
Security Information and Event Management (SIEM)
[http://4hko.drordi.com/fundamentals/siem/] is security's Schrödinger's cat.
While half of today's organizations have purchased SIEM tools, it's unknown if
the tech is useful to the security team… or if its heart is even beating or
deployed. In response to this pain, people, mostly marketers, love to shout that
SIEM is dead, and analysts are proposing new frameworks with SIEM 2.0/3.0,
Security Analytics, User & Entity Behavior Analytics
[http://w
6 min
User Behavior Analytics
User Behavior Analytics and Privacy: It's All About Respect
When I speak with prospects and customers about incident detection and response
(IDR) [http://4hko.drordi.com/solutions/incident-detection/], I'm almost always
discussing the technical pros and cons. Companies look to Rapid7 to combine
user behavior analytics (UBA)
[http://4hko.drordi.com/solutions/user-behavior-analytics/] with endpoint
detection and log search to spot malicious behavior in their environment. It's
an effective approach: an analytics engine that triggers based on known attack
m
3 min
Vulnerability Management
Warning: This Blog Post Contains Multiple Hoorays! #sorrynotsorry
Hooray for crystalware!
I hit a marketer's milestone on Thursday – my first official award ceremony,
courtesy of the folks at Computing Security Awards
[http://computingsecurityawards.co.uk/], which was held at The Cumberland Hotel
in London. Staying out late on a school night when there's a 16-month-old
teething toddler in the house definitely took its toll the following morning,
but the tiredness was definitely softened by the sweet knowledge that we'd left
the award ceremony brandishing so
3 min
InsightIDR
Detect Corporate Identity Theft with a New Intruder Trap: Honey Credentials
If you're only looking through your log files, reliably detecting early signs of
attacker reconnaissance can be a nightmare. Why is this important? If you can
detect and react to an intruder early in the attack chain, it's possible to kick
the intruder out before he or she accesses your critical assets. This is not
only good for you (no monetary data is stolen), but it's also critical because
this is the only time in the chain that the intruder is at a disadvantage.
Once an attacker has an i
1 min
Incident Response
SANS Review of Rapid7 UserInsight (now InsightUBA) for User Behavior Analytics and Incident Response
Editor's Note - March 2016: Since this review, UserInsight has now become
InsightUBA. Along with the name change comes a completely redesigned user
interface, continuous endpoint detection, and another intruder trap to reliably
detect attacker behavior outside of logs. We also launched InsightIDR, which
combines the full power of InsightUBA with Endpoint Forensics, Machine Data
Search, and Compliance Reporting into a single solution.
User behavior analytics (UBA) is a new space that is still un
2 min
InsightIDR
Calling Your Bluff: Behavior Analytics in Poker and Incident Detection
As a former – or dormant – professional poker player, I'm seeing a lot of
parallels between poker and incident detection, especially when it comes to
behavior analytics. Detecting a bluff in poker is really not all that different
from detecting an intruder on the network.
New solutions, like Rapid7's InsightIDR
[http://4hko.drordi.com/products/insightidr/], incorporate machine learning and
user behavior analytics [http://4hko.drordi.com/products/insightidr/] to detect
stealthy attacks. This is
2 min
Authentication
Understanding User Behavior Analytics
Hey everyone! I'm pleased to announce that we've put together another pretty fun
research report here in the not-terribly-secret overground labs here at Rapid7:
Understanding User Behavior Analytics. You can download it over here
[http://information.drordi.com/understanding-user-behavior-analytics-report.html].
Modern enterprise breaches tend to make heavy use of misbehaving user accounts.
Not the users -- the people typing at keyboards or poking at their smartphones
-- but user accounts.