2 min
Cloud Security
CIEM is Required for Cloud Security and IAM Providers to Compete: Gartner® Report
Cloud Security and IAM providers should consider prioritizing specific CIEM capabilities according to a new Gartner report.
4 min
Cloud Security
Grocery Delivery Apps: Trading Convenience for Credentials
Adoption of food apps has been incredibly fast and they are now a ubiquitous part of everyday culture. However, the tradeoff for that convenience is risk.
3 min
Cloud Security
Hallmark Channel: Securing the Season
In 2021, Hallmark Channel finished as the number one network among “women 18 and above”, which led to $147.8 million in revenue generated from holiday programming alone. It’s safe to assume the company doesn’t want intellectual property (IP) theft cutting into those kinds of returns.
4 min
Cloud Security
Cloud Security and Compliance Best Practices: Highlights From The CSA Cloud Controls Matrix
In this blog post, we’ll dive into one of the most commonly-used cloud security standards for large, multi-cloud environments: the CSA Cloud Controls Matrix (CCM).
4 min
Vulnerability Disclosure
Cengage LTI Session Management Leakage
Cengage, an education technology provider in use in many higher education environments primarily in the United States, had two issues in the way it handled session management over its Learning Tools Integration (LTI) pipeline.
4 min
Cloud Security
Spoiler Alert: Your Favorite Content Might Not Be Secure
In this blog, we look at the macro issue of the entertainment business shifting to a streaming-first focus and the increased need for content and IP security.
2 min
IoT
Get your head in the cloud(s)
Many organizations are in the midst of adopting the cloud faster than ever before; it’s arguably mission critical for their success and longevity.
3 min
InsightCloudSec
Can Cloud Security Be Easier Than Complex?
Cloud security is one dish in the larger holiday meal of a company’s entire budget. Fighting for scraps of funding is hard, so it’s important to identify exactly what you need.
2 min
AWS
Rapid7 Integration For AWS Verified Access
Today at re:invent, Amazon Web Services (AWS) unveiled its new AWS Verified Access service, and we are thrilled to announce that InsightIDR — Rapid7’s next-gen SIEM and XDR — will support log ingestion from this new service when it is made generally available.
2 min
AWS
InsightIDR Launches Integration With New AWS Security Data Lake Service
One of the most exciting announcements has to be the launch of Amazon Security Lake. We see a lot of potential for this new service, which is why Rapid7 is proud to announce the immediate availability of an integration between InsightIDR and Security Lake.
3 min
Cloud Infrastructure
Unifying Threat Findings to Elevate Your Runtime Cloud Security
Widespread growth in cloud adoption in recent years has given businesses across industries the ability to transform in new ways, often forcing them to choose between slowing the pace of their innovation or taking on massive amounts of unmanaged risk.
3 min
Cloud Security
Reducing Risk In The Cloud with Agentless Vulnerability Management
In order to gain visibility into vulnerabilities in their public cloud environments, many organizations still rely on agent or network-based scanning technology that was initially built for traditional infrastructure and endpoints.
5 min
Cloud Security
Aligning to AWS Foundational Security Best Practices With InsightCloudSec
When an organization is moving their IT infrastructure to the cloud or expanding with net-new investment, the hardest tasks for the security team is to identify the proper security policies and controls to keep their cloud environments secure and the applications and sensitive data they host safe.
4 min
InsightCloudSec
Better Cloud Security Shouldn’t Require Bigger Budgets
When security budgets don’t match the pace of the cloud operations they’re tasked with securing, the only thing to do is become an expert in the stretch. It’s hard, and you might currently be under increasing stress to pull it all off.
5 min
Cloud Security
Rapid7 and HashiCorp Partner to Secure Terraform-based Cloud Infrastructure Deployments
In the latest installment in our cloud security “shift-left” blog series, we discuss Rapid7’s recent partnership with HashiCorp, ongoing support for scanning Terraform plans with our IaC security feature, and the recently released integration with Terraform Cloud & Enterprise run tasks.