Security Pro’s Guide to the Incident Response Basics

We hope the resources below help you with responding to security incidents. If you are interested in learning how Rapid7 can help you, check out our product UserInsight, or contact our incident response team if you need professional services.

WEBCASTS

Covering your Assets: Security Expert’s Guide to the Incident Response Bare Minimum

Presenters: Rick Holland, Principal Analyst at Forrester Research | Josh Feinblum, VP of Security at Rapid7

What is the first thing you would do after hearing of a breach at your organization? It’s not okay to have zero plans in place in case this happens – but it is also an enormous undertaking to build out a comprehensive incident response program. So, if nothing else, do you know the top immediate steps you should be prepared to take in the event of a breach?


Back to Basics: Threat Types and Defense-In-Depth to Maximize the ROI of Your Security Program

Presenters: Wade Woolwine, Manager of Strategic Services at Rapid7 | Mike Scutt, Senior Consultant, Strategic Services at Rapid7

Non-targeted, opportunistic, targeted, and insider are four threat types, or groupings, that the security community at large has understood for years. These groupings are largely based on motivation, prevention, detectability, cost, and impact to those affected. On the defensive side, defense in depth, where you secure the outer perimeter to prevent threats, monitor the interior perimeter for anomalous behavior, and apply tight restrictions to the most sensitive data and systems, has also been a proven approach to minimizing the impact of threats.


Security Pro’s Guide to Breach Preparedness and Response

Presenters: Wade Woolwine, Manager of Strategic Services, Rapid7; Mike Scutt, Senior Consultant for Analytic Response, Rapid7

Being prepared for an incident and being able to respond effectively if an incident occurs, though closely related, are separate beasts. Incident preparedness leads to more efficient and streamlined incident response. However, incident preparedness is an extensive process that involves identifying and documenting information about your business, assets, exposure, communications, and more. Key contributors need to be chosen and educated, and threat simulation exercises should be planned and executed, all before anything has gone wrong! Incident response is much more about identifying and analyzing evidence to determine and close security gaps.


BLOG POSTS

Preparing for Incident Response

In this post, I'd like to expand on that a little bit by providing some additional concrete steps on how most organizations should be thinking about how preparedness can directly impact incident response program execution during a breach.

WHITEBOARD WEDNESDAY VIDEOS

Incident Response Methodology: How To Respond To A Security Incident

In this Whiteboard Wednesday, one of Rapid7's senior incident responders will discuss how to respond to security incidents within your organization.

Preparing For Incident Detection And Response

In this Whiteboard Wednesday, we will talk about how you can get started with incident detection and response. Gartner projects that by the year 2020, 60% of security budgets will be focused on rapid detection and response programs. Are you one of the many organizations investing in these types of programs? Before you get started, let's walk through some areas you should focus on in order to implement an incident detection and response program successfully.

INFOGRAPHIC

7 Things To Do When Your Business Is Hacked

If your organization were breached today, would your team be ready to respond? Check out this infographic to learn about the 7 things you should do if your business is hacked.