4 min
Security Strategy
UX Research: Steps & Methodologies to Inform Product Redesign
The user experience (UX) design and research teams are preparing to revamp
Rapid7's customer learning and online help. As such, I thought I would take the
opportunity to provide our community insight into the role UX research plays in
bringing new designs – of both new and existing features and experiences – to
fruition.
Before I begin, I'll tell you a little bit about our “research” team. The Rapid7
UX research team, which sits within the greater UX team, consists of myself and
my colleague Ge
5 min
IT Ops
Get your work done even faster with the Logentries REST API
Now you can get your work done even faster by automating tasks with the
Logentries REST API. With the ability to programmatically query data, manage
users, create alerts and integrate third party tools, it’s now easier to finish
the job and get on with your day.
Table of contents
* Query API- Example Usage
* Team and User Management API- Example Usage
* Tags and Alerts API- Example Usage
* LeExportPy- Read More
* LeCLI- Read More
On-demand Webinar
Interested in learning more about the
4 min
Automation and Orchestration
Secure Password Storage in Web Apps
Synopsis
We like writing web applications. Increasingly, software that might have once
run as a desktop application now runs on the web. So how do we properly
authenticate users in web contexts? Passwords, of course! Let’s look at how to
handle password authentication on the web.
What not to do
It’s very tempting to use plaintext authentication for web applications. Let’s
whip up a quick python web server that we’ll use to test authentication. Let’s
say we want to provide access to magic number
5 min
Komand
5 Reasons Companies Are Losing Security Talent (And What to Do)
It’s hard enough finding security talent, but losing the talent you already have
can be a particularly painful blow. That’s why we’ve put together a quick guide
to help you:
* Address some of the underlying causes of attrition
* Increase retention of your security talent
* Solve the security gap at your organization
Here are five common talent-retention challenges and how to address them
head-on.
Challenge #1: Constrained Budgets and Disproportionate Strategy
According to Kaspersky Labs, 8
5 min
Komand
Filtering and Automated Decisions with PEG.js and React-Mentions
Here at Komand, we needed an intuitive way to filter data from a trigger step.
When automating security operations and processes, sometimes you don’t want a
workflow to start on every trigger. Splunk logs may be firing off millions of
events, but running a workflow for each one may not really be what you need. If
we were to set up a privilege escalation rule in Sysdig Falco and index it in
Splunk, we would want to run a specific workflow for that rule, but a separate
workflow for detecting SQ
5 min
IT Ops
Hashing Infrastructures
Engineers in fast moving, medium to large scale infrastructures in the cloud are
often faced with the challenge of bringing up systems in a repeatable, fast and
scalable way. There are currently tools which aid engineers in accomplishing
this task e.g. Convection, Terraform, Saltstack, Chef, Ansible, Docker. Once the
system is brought up there is a maintenance challenge of continually deploying
and destroying the resources. What if we can hash the inputs for describing an
infrastructure, where
4 min
Disaster Preparedness: It's Not Thought Of Until It Is Needed Most
...and then it might be too late.
> An update from Delta CEO Ed Bastian: pic.twitter.com/udNN0kzbKs
— Delta (@Delta) August 8, 2016
Recently, Delta Airlines suffered a weeklong outage that, if you take it on it's
face, ticks just about every box on a security person's disaster recovery
planning scenario.
Delta has given
3 min
Komand
Defining the Roles & Responsibilities of Your Security Team
Muddling together security responsibilities often leads to tasks falling through
the cracks. Instead, organizations should be as clear as possible about which
member of the security staff is responsible for which tasks. Moreover, the
division of those tasks should reflect the unique capabilities and strengths of
each team member.
For instance, SOC personnel should be given tasks that require immediate
attention, such as alert handling and incident response. Security engineers, on
the other hand
3 min
Nexpose Now Notes: August 2016
We build Nexpose to help security practitioners get from find to fix faster.
With the launch of Nexpose Now
, Rapid7 delivered
Liveboards
to help
you know what's weak in your world right now. Liveboards combine your live
threat exposure data, powerful analytics and intuitive querying so you can spend
less time compiling data, and more time improving your security program.
3 min
Komand
Does Security Automation Mean SOC Employees Will Be Obsolete?
Telephones, computers, and robots all have one thing in common: People thought
they’d replace the need for human input, putting us all out of a job. On the
contrary, these technologies were widely embraced once the public realized what
their true purpose was: to automate tedious work and enable us to do things we
actually enjoy doing, and faster, too. The same benefits apply to security
operations, and this is a great thing for security operations centers (SOCs)
2 min
SMB Security is so Simple - Take Advantage of it Now.
This is a guest post from our frequent contributor Kevin Beaver
. You can read all of his previous guest posts here
.
Small and medium-sized businesses (SMBs) have it made in terms of security. No,
I'm not referring to the threats, vulnerabilities, and business risks. Those are
the same regardless of the size of the organization. Instead, I'm talking about
how relatively easy it is to establish and build out core information security
functions and o
3 min
Metasploit
Metasploit Weekly Wrapup: Aug. 12, 2016
Las Vegas 2016 is in The Books
This week's wrap-up actually covers two weeks thanks in large part to the yearly
pilgrimage to Las Vegas. I myself elected not to attend, but I'm told everyone
had a great time. Many on the team are still recuperating, but I'd wager that
they all enjoyed seeing you there as well. Here's to everyone's speedy
recovery.
Centreon Web UserAlias Command Execution
Our first new module this go-around exploits a remote command execution
vulnerability in Centreon Web via
3 min
Log Management
Using Log Data as Forensic Evidence
This is a guest post by Ed Tittel. Ed, a regular contributor to
blog.logentries.com , has been writing about
information security topics since the mid-1990s. He contributed to the first
five editions of the CISSP Study Guide (Sybex, 6e, 2012, ISBN:
978-1-119-31427-3) and to two editions of Computer Forensics JumpStart (Sybex,
2e, 2011, ISBN: 978-0-470-93166-0), and still writes and blogs regularly on
security topics for websites including Tom's IT Pro, GoCertify.co
3 min
IT Ops
4 Potential Security Issues Raised By Pokémon Go
Pokémon Go is a phenomenon. The game is objectively a success and has been
breaking mobile gaming records almost weekly. The game’s current success is
without being open in some significant markets and it shows no signs of slowing.
It is important to remind players to take measures to protect your company’s
interests when playing.
Pokémon Go is an Augmented Reality game. Players see the game’s fictional world
on top of everyday reality. Augmented Reality manifests in several ways: from
import
1 min
Public Policy
NIST 800-53 Control Mappings in SQL Query Export
In July, we added National Institute of Standards and Technology (NIST) Special
Publication 800-53r4 controls mappings to version 2.0.2 of the reporting data
model for SQL Query Export reports. NIST 800-53 is a publication that develops a
set of security controls standards that are designed to aid organizations in
protecting themselves from an array of threats.
What does this mean for you? Well, now you can measure your compliance against
these controls by writing SQL queries. For example, say