White Papers

Leveraging Security Risk Intelligence
Leveraging Security Risk Intelligence - The strategic value of measuring Real Risk™

The ongoing struggle to prevent hackers from breaching assets and malware from gaining a foothold requires a vulnerability management strategy that begins with a comprehensive measurement of security risk. Starting with an understanding of the need for effective risk management followed by a definition of the elements of risk, this whitepaper presents the advantages and strategic value of Rapid7 Security Risk Intelligence for your environment and illustrates its operation.

Download White Paper

Whitepaper Protecting Patient Health
Protecting Patient Health Information in the HITECH Era

The American Healthcare system is getting a complete facelift thanks to incentives to adopt Health Information Technology introduced by the Health Information Technology for Economic and Clinical Health (HITECH) Act. The HITECH Act contains tools for the enforcement of HIPAA regulations, as well as incentives to accelerate the adoption of information systems that reduce costs, gain efficiencies, and ultimately improve patient care while keeping patient health information secure. This paper examines the HITECH Act, the enforcement mechanisms the HITECH Act provides for HIPAA, and the key security challenges healthcare services face in order to protect patient health information as part of becoming HIPAA compliant.

Download White Paper

Whitepaper Cross Site Scripting
Managing Cross Site Scripting (XSS) - The Number One Item on OWASP's Top Ten List

This white paper discusses the security risk that cross site scripting (XSS) represents for organizations. The white paper outlines the different forms of XSS vulnerabilities including reflective, persistent and DOM-based, why they are dangerous, and how to prevent them.

Download White Paper

Whitepaper Best Practices to Protect the Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect the Cardholder Data Environment and Achieve PCI Compliance

Cyber-attacks designed for financial gain are on the rise, targeting proprietary information including customer and financial information. With over 127 million records exposed in 2007 in the US alone, attacks are becoming increasingly more sophisticated. Learn more about best practices to protect the cardholder data environment and achieve PCI compliance.

Download White Paper

Whitepaper Penetration Testing
Penetration Testing - Knowledge is Power: Preparing Your Enterprise to Withstand Attack

This white paper highlights the benefits of penetration testing from technical testing (both automated and custom) as well as the role that an experienced security consultant plays in providing a higher level of security against inevitable attacks.

Download White Paper

Whitepaper Understanding and Deploying the PCI Data Security Standard
Understanding and Deploying the PCI Data Security Standard

PCI is one of the most stringent and detailed security requirements for retailers and merchants. This document outlines the different requirements to meet PCI compliance, maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement access controls and regularly monitor and test networks.

Download White Paper

Whitepaper Using an Expert System for Deeper Vulnerability Scanning
Using an Expert System for Deeper Vulnerability Scanning

This technical white paper discusses in detail how the Rapid7 Nexpose vulnerability management solution performs scanning and why the use of an expert system can achieve better results than those achieved by traditional procedural methods. The document provides an in-depth view of the use of artificial intelligence to penetrate systems.

Download White Paper

Whitepaper IT Security in Higher Education White Paper
IT Security in Higher Education White Paper

According to Analysts, the Higher Education sector is the most breached of any industry. This white paper outlines key reasons why universities are more affected by security issues and how they can better prepare themselves to address IT security and vulnerability management challenges.

Download White Paper