4 Levels of Automated Remediation
Automation can be incredibly powerful, particularly in the world of cloud security. But many organizations struggle to implement automation that will align with their broader security goals. This whitepaper outlines some best practices to consider when embracing automation.
The 10 Things Your MDR Service Must Do
This guide highlights 10 tactical prescriptions when evaluating Managed Detection and Response (MDR) vendors for what a provider should be able to offer your business, and Rapid7’s approach to each.
Ransomware Playbook: Actions You Can Take to Lower the Risk and Impact of This Kind of Attack
Many organizations are relying on Managed Detection & Response (MDR) providers to make sure they’re able to respond to threats like Ransomware as they emerge, without hiring any headcount. With an expected shortage of 2.5 million cybersecurity professionals it’s become critical to dedicate resources to better prepare for, detect, and respond to these types of
Practical Guide to Gartner’s Cloud Security Archetypes
The cloud security solutions market is growing rapidly and there are an overwhelming number of solutions. Figuring out the right tool, let alone the right type of tool, can be difficult. This guide distills the main concepts of five archetypes, as defined by Garner, that fall under the broader cloud security management platform umbrella:• Cloud
Cloud and Kubernetes – Removing the Kubernetes Security Blind Spots
Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP) are foundations for good cloud security, but with more and more organizations adopting microservices and Kubernetes orchestration using cloud and hybrid cloud infrastructure, they are unwittingly expanding their significant attack surface. In this paper, we explore:• Why Kubernetes security can leave blind spots and
Shifting Cloud Security Left With Infrastructure as Code
DevOps and the continuous integration/continuous deployment (CI/CD) pipeline are revolutionizing application development, test, and cloud delivery, enabling developers to write the application code and define the cloud infrastructure. But where is cloud security? Shifting left allows cloud security to scale along with development, improving developer productivity and stopping security and compliance risks before runtime. With
Securing Kubernetes With InsightCloudSec, Rapid7’s Cloud-Native Security Platform
Enterprises on a Kubernetes journey cannot apply the traditional security solutions that once protected on-site servers or VMs, as those are not designed for the unique development practices and distributed environments with which Kubernetes excels. Enterprises must expand their existing security programs to cover the entire Kubernetes software lifecycle with solutions that are intentionally built
Three Common Kubernetes Security Mistakes and How to Avoid Them
The rise of Kubernetes in the enterprise has greatly simplified cloud native infrastructure for developers. You can start serving internet users with just a few lines of code and one Kubernetes command. But just like any tool or technology, Kubernetes comes with new security considerations. And it’s not because Kubernetes is inherently insecure or risky,
Sharing the Workload of Workload Security
IT admins and security teams have always played their parts in keeping systems secure—though often in relative isolation of each other. Security teams are usually comprised of policy and audit groups, threat hunters, and incident response teams. Meanwhile, the operational burden of security and compliance frequently falls on IT admins who are not necessarily security
Forrester Wave, We’re a Leader!
VMware Carbon Black Named a Leader in The Forrester Wave™: Endpoint Security Software As A Service, Q2 2021 In The Forrester Wave™: Endpoint Security Software As A Service, Q2 2021, VMware Carbon Black Cloud was named a Leader. To learn more about why we were recognized as a Leader in endpoint security software as a