3 min
Komand
The Most Repetitive Tasks Security Analysts Perform
It’s not very productive to come into work day in and day out just to perform
the same task dozens of times when you were trained to hunt threats and
remediate complex problems.
The repetition of rote tasks like IP scoring, alert monitoring, and URL lookups
can be fatiguing and dissatisfying, which, as major security breaches show, can
cause alerts to slip through the cracks and threats to get in
4 min
Komand
Introducing Komand’s Security Orchestration and Automation Platform
It was just a few months ago when we launched our beta program. And with beta
users working within our security orchestration and automation platform, we
built out new features, refined others, and overall fortified our solution.
We validated that security teams not only want to save time, increase
productivity, and streamline operations, they also need a tool that would allow
them to add automation to their security work
2 min
Nexpose
Maximizing PCI Compliance with Nexpose and Coalfire
In 2007 Coalfire selected Rapid7 Nexpose as the engine around which to build
their PCI Approved Scan Vendor offering. PCI was just a few years old and
merchants were struggling to achieve and document full compliance with the
highly proscriptive Data Security Standard. Our goal was to find that classic
sports car blend of style and power: a vulnerability assessment solution that
was as streamlined and easy to use as possible, but robust enough to
significantly improve the customer's security.
3 min
Komand
The 3 Things You Need in Place to Successfully Leverage Security Orchestration and Automation
In a time where security is becoming a board-level discussion and threats are
affecting not only big businesses, but small ones too, many security teams are
scrambling to keep up. But keeping up with a mounting number of threats requires
massive efficiencies and a proactive security posture. The way to achieve both
of those simultaneously is through security orchestration and automation.
By this point you’ve probably hear
2 min
IT Ops
Java 8 - Lazy argument evaluation
Overview
“I will always choose a lazy person to do a difficult job. Because he will find
an easy way to do it” – Bill Gates
Lazy evaluation is an evaluation strategy which delays the evaluation of an
expression until its value is needed. The opposite of this is eager evaluation,
where an expression is evaluated as soon as it is bound to a variable.
Like most imperative programming l
5 min
Intrusion Detection
The Pros & Cons of Intrusion Detection Systems
Network Intrusion Detection System (NIDS)
A network intrusion detection system (NIDS) can be an integral part of an
organization’s security, but they are just one aspect of many in a cohesive and
safe system. They have many great applications, but there are also weaknesses
that need to be considered. It is important to compare an NIDS against the
alternatives, as well as to understand the best ways to implement them.
What Is an Intrusion Detection System?
Intrusion detection systems
6 min
Automation and Orchestration
How to Install Snort NIDS on Ubuntu Linux
Synopsis
Security is a major issue in today’s enterprise environments. There are lots of
tools available to secure network infrastructure and communication over the
internet. Snort is a free and open source lightweight network intrusion
detection and prevention system. Snort is the most widely used NIDS (Network
Intrusion and Detection System) that detects and prevents intrusions by searching
protocol, content analysis, and various pre-processors. Snort provides a wealth
of features, like buffer
3 min
Automation and Orchestration
Introduction to Incident Response Life Cycle of NIST SP 800-61
Synopsis
In the series of blog posts titled “Incident Response Life Cycle in NIST and ISO
standards” we review the incident response life cycle, as defined and described
in NIST and ISO standards related to incident management.
In the previous article in this series we reviewed NIST’s approach to the
incident response team and explained how security automation can help mitigate
issues related to building a
4 min
Automation and Orchestration
Recommendations for Incident Response Team included in NIST Special Publication 800-61
Synopsis
We are starting a series of blog posts: “Incident Response Life Cycle in NIST and
ISO standards”. In this series we will review the incident response life cycle,
as defined and described in NIST and ISO standards related to incident management.
In the first post in this series, we introduce these standards and discuss
NIST’s approach to the incident response team.
Introduction
NIST and ISO standards are excellent tools that can help organize and manage
security incident management in any organi
3 min
Automation and Orchestration
Understanding Access Control Lists
Synopsis
When it comes to the security of routers, switches, or the basic ISP layers, we
talk about ACLs. They are generally used to control and manage inbound and
outbound traffic. In this blog, we will be looking into the basic configuration
of standard IP ACLs, also known as Access Lists or, in some cases, filters.
Understanding ACL
Access Control List, as the name suggests, is a list that grants or denies permission
7 min
Komand
10 Ways to Make Your Security Posture More Proactive
In a perfect world, security teams have everything they need to defend against
the complex cybersecurity threat landscape: an enviable team of security pros,
sophisticated detection and prevention processes, and intelligent alerting and
reporting tools.
But in reality, most teams and security operations centers find themselves
struggling to keep pace. And whether it’s from an imbalance in people, process,
and technology, or a data utilization problem, security teams end up in a
reactive state:
2 min
Metasploit
Metasploitable3 CTF Results and Wrap-Up
The Metasploitable3 CTF competition has wrapped up and we have our winners! We
had almost 300 flag submissions from more than 50 fine folks. There were some
really great write-ups submitted with
great details on how flags were found. Thanks to everyone who took time to
submit a finding! ON TO THE RESULTS!
When we announced the competition, we didn't specify if team submissions were
allowed or not.
4 min
Haxmas
12 Days of HaXmas: Year-End Policy Comment Roundup
Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 blog posts
on hacking-related topics and roundups from the year. This year, we're
highlighting some of the
“gifts” we want to give back to the community. And while these gifts may not
come wrapped with a bow, we hope you enjoy them.
On the seventh day of Haxmas, the Cyber gave to me: a list of seven Rapid7
comments to government policy proposals! Oh, tis a magical season.
It was an ac
8 min
Haxmas
12 Days of HaXmas: A HaxMas Carol
(A Story by Rapid7 Labs)
Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 blog posts
on hacking-related topics and roundups from the year. This year, we're
highlighting some of the
“gifts” we want to give back to the community. And while these gifts may not
come wrapped with a bow, we hope you enjoy them.
Happy Holi-data from Rapid7 Labs!
It's been a big year for the Rapid7 elves Labs team. Our nigh 200-node strong
Heisenberg Cloud
3 min
Nexpose
macOS Agent in Nexpose Now
As we look back on a super 2016, it would be easy to rest on one's laurels and
wax poetic on the halcyon days of the past year. But at Rapid7 the winter
holidays are no excuse for slowing down: The macOS Rapid7 Insight Agent is now
available within Nexpose Now.
Live Monitoring for macOS
Earlier this year, we introduced Live Monitoring for Endpoints with the release
of a Windows agent for use with Nexpose Now. The feedback from the Community has
been great (and lively!) and now we're back with a