White Papers
Leveraging Security Risk Intelligence - The strategic value of measuring Real Risk™
The ongoing struggle to prevent hackers from breaching assets and malware from gaining a foothold requires a vulnerability management strategy that begins with a comprehensive measurement of security risk. Starting with an understanding of the need for effective risk management followed by a definition of the elements of risk, this whitepaper presents the advantages and strategic value of Rapid7 Security Risk Intelligence for your environment and illustrates its operation.
Protecting Patient Health Information in the HITECH Era
The American healthcare system is getting a complete facelift thanks to incentives to adopt health information technology introduced by the Health Information Technology for Economic and Clinical Health (HITECH) Act. The HITECH Act contains tools for the enforcement of HIPAA regulations, as well as incentives to accelerate the adoption of information systems that reduce costs, gain efficiencies, and ultimately improve patient care while keeping patient health information secure. This paper examines the HITECH Act, the enforcement mechanisms the HITECH Act provides for HIPAA, and the key security challenges healthcare services face in order to protect patient health information as part of becoming HIPAA compliant.
Managing Cross Site Scripting (XSS) - The Number One Item on OWASP's Top Ten List
This white paper discusses the security risk that cross-site scripting (XSS) represents for organizations. The white paper outlines the different forms of XSS vulnerabilities, including reflective, persistent and DOM-based, why they are dangerous, and how to prevent them.
Best Practices to Protect the Cardholder Data Environment and Achieve PCI Compliance
Cyber-attacks designed for financial gain are on the rise, targeting proprietary information including customer and financial information. With over 127 million records exposed in 2007 in the US alone, attacks are becoming increasingly sophisticated. Learn more about best practices to protect the cardholder data environment and achieve PCI compliance.
Penetration Testing - Knowledge is Power: Preparing Your Enterprise to Withstand Attack
This white paper highlights the benefits of penetration testing, from technical testing (both automated and custom) to the role that an experienced security consultant plays in providing a higher level of security against inevitable attacks.
Understanding and Deploying the PCI Data Security Standard
PCI is one of the most stringent and detailed security requirements for retailers and merchants. This document outlines the different requirements to meet PCI compliance, maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement access controls and regularly monitor and test networks.
Using an Expert System for Deeper Vulnerability Scanning
This technical white paper discusses in detail how the Rapid7 Nexpose vulnerability management solution performs scanning and why the use of an expert system can achieve better results than those achieved by traditional procedural methods. The document provides an in-depth view of the use of artificial intelligence to penetrate systems.
IT Security in Higher Education White Paper
According to analysts, the higher education sector is the most breached of any industry. This white paper outlines key reasons why universities are more affected by security issues and how they can better prepare themselves to address IT security and vulnerability management challenges.