7 min
Research
Stories from the SOC Part 2: MSIX Installer Utilizes Telegram Bot to Execute IDAT Loader
In part one of our blog series, we discussed how a Rust based application was used to download and execute the IDAT Loader. In part two of this series, we will be providing analysis of how an MSIX installer led to the download and execution of the IDAT Loader.
3 min
Detection and Response
Sharpen Your IR Capabilities With Rapid7’s Detection and Response Workshop
Rapid7's Detection and Response Workshop helps you determine if your tools can immediately detect and respond to threats.
3 min
Detection and Response
Cybersecurity as Digital Detective Work: DFIR and Its 3 Key Components
We highlight 3 elements of a well-formulated digital forensics and incident response (DFIR) strategy.
4 min
Detection and Response
Attacks vs. Data: What You Need to Know About Threat Hunting
While the definition of threat hunting may be straightforward—proactively hunting for threats—the reality of implementing a threat-hunting program is a bit more complicated, as there are different threat-hunting methodologies to choose from.
1 min
Detection and Response
InsightIDR’s NTA Capabilities Expanded to AWS
We’re excited to announce we have expanded the Network Traffic Analysis (NTA) capabilities in InsightIDR to support Amazon Web Services (AWS) environments.
2 min
InsightIDR
How to Combat Alert Fatigue With Cloud-Based SIEM Tools
Luckily, there’s a way to get the visibility your team needs and streamline alerts: leveraging a cloud-based SIEM.
2 min
InsightIDR
Monitor Google Cloud Platform (GCP) Data With InsightIDR
Today, more and more organizations are adopting multi-cloud or hybrid environments, creating increasingly dispersed security environments.
11 min
Security Operations (SOC)
Talkin’ SMAC: Alert Labeling and Why It Matters
This blog post will demonstrate some common pitfalls of alert labeling, and offers a new framework for SOCs to use.
6 min
InsightIDR
InsightIDR: 2020 Highlights and What’s Ahead in 2021
As we begin the new year, we wanted to highlight some key InsightIDR product investments and take a look ahead at detection and response in 2021.
5 min
InsightIDR
Visualizing Network Traffic Data to Drive Action
In this blog, we cover the top five multi-groupby queries that can be used to visualize network sensor data with the Insight Network Sensor.
3 min
Detection and Response
2021 Detection and Response Planning, Part 3: Why 2021 Is the Year for SOC Automation
In this third installment of our series around 2021 security planning, we’re focused on SOC automation.
3 min
InsightIDR
Introducing Enhanced Endpoint Telemetry (EET) in InsightIDR
Rapid7 is excited to announce Enhanced Endpoint Telemetry (EET) in our SIEM, InsightIDR.
5 min
Detection and Response
2021 Detection and Response Planning, Part 2: Driving SOC Efficiency With a Detections-First Approach to SIEM
In this installment of our security planning series, we’ll explore the importance of reliable detections to drive an efficient security program forward.
4 min
InsightIDR
What’s New in InsightIDR: Q3 2020 in Review
This post offers a closer look at some of the recent updates and releases in InsightIDR from Q3 2020.
6 min
Detection and Response
Rapid7 Introduces “Active Response” for End-to-End Detection and Response
We are excited to announce the launch of our new Active Response capability as a part of our MDR Elite service.