Filter Resources

Whitepaper
Insider cybersecurity threats are much more prevalent than most of us realize. IBM estimates that 60% of all cyberattacks are perpetrated by those with insider access1; McAfee cites enterprise insiders as a major source of Personally Identifiable Information (PII) sold on the dark web, particularly in the healthcare industry; and at least two-thirds of major corporations reported insider threat incidents in 20163 ranging from file theft and destruction to selling passwords and deliberately sabotaging critical systems. Over 40% of U.S. government agencies report such incidents every year. It's a serious—yet incredibly overlooked—risk.
eBook
APIs are not necessarily a new technology, but in today's digital world, they have risen in prominence and become important to every facet of the enterprise. This in turn has increased the demand for effective API management. But what does an effective solution look like?
Publication
Federal security managers expect that most federally run systems are actively engaging with FISMA compliance for protecting federal data and systems. However, as we all know, federal information does not remain only in federally operated systems. Data and IT systems connect via the internet and other networks for business, operations and research. Information about citizens, banking and finance, research and development, and many other federal connected systems transmit data outside the federal networks—and their security compliance standards. So it makes sense that FISMA would adapt to address more than the original scope of perceived threats and specifically address systems and data security that inter-agency networks, vendors, contracts and supply chain puts at risk.
Whitepaper
The security industry is now starting to embrace the notion of cyber resiliency. A resilient system is one where vulnerabilities are assumed, but has defenses designed such that the system can continue to operate safely and reliably. A technique that enables system resiliency is Moving Target Defense.
Publication
Today's cybersecurity solutions are often complicated and expensive requiring companies to invest copious time and resources into securing their business. While each solution claims to be the "silver bullet" that will solve the security problem, each solution has failed to do so. Instead of building complex tools that attempt to constrain DevOps systems, Polyverse creates simple and intrinsic protections that works with innovation, not against.
Data Sheet
With Polyverse Polymorphic Linux, deployment is simple, taking less than 5 minutes for protection by a uniquely randomized set of binaries.
Whitepaper
Security organizations must rethink their vulnerability management programs. They need to monitor complex, dynamic computing environments, and respond in minutes or hours when issues are discovered—not days or weeks.
Publication
In 2017, Rapid7 launched the “Under the Hoodie” project to demystify the practice of penetration testing by surveying those who are in the field and conducting the investigations on what they most commonly see during client engagements. We have renewed this approach in 2018 to continue providing visibility into this often occult niche of information security.
Data Sheet
It’s time to break down silos and drive secure innovation, together. The practice of SecOps creates an alliance between Security, IT, and DevOps to make security an inherent outcome of all business innovation and operations. The Rapid7 Insight platform equips you with the visibility, analytics, and automation you need to unite your teams and amplify your efficiency.
Publication
In today’s world of complex, modern web applications, accurate and automated Dynamic Application Security Testing (DAST) tools are rare, but do exist. What characteristics should you look for in a DAST tool to give you greater accuracy and ease of use?
The Federal Fiscal Year End (FFYE) race is a long one, and FFYE is right around the corner. Do not lose steam in the final stretch — DLT is here to help you accelerate through the FFYE finish line.
eBook
Public sector organizations face complex challenges managing their data. Technology is constantly moving forward, and with this forward motion come new data sources (the Internet of Things and sensor-enabled equipment, social network feeds, data warehouses, software-as-a-service, etc.) and data types (structured and unstructured, raw and processed).
eBook
Government agencies must be able to connect, collect, and curate data from a broad spectrum of connected yet disparate data sources – sensors, machines, geo-location devices, social feeds, server logs, and more.
Case Study
This university is no small operation. With well over 30,000 undergraduate and graduate students from more than 130 countries, nearly 10,000 faculty and staff, 17 schools and colleges, and 250 fields of study, their three campuses are always humming, always in high gear. Cloud computing offers the university an opportunity to achieve significant improvements in functionality at the potential for reduced costs, especially as related to future capital cost avoidance.
Case Study
Fu Associates is a leading developer of information management and analysis systems. They pride themselves on providing quality services ranging from the design, development, and implementation of complex information systems to business process reengineering, policy analysis, and strategic planning. Their clients include public and private sector organizations in the elds of health care, aviation, labor, education, environment, agriculture, and defense.

Pages