All posts by Rapid7

[Security Nation] Mike Hanley of GitHub on the Log4j Vulnerability

Post Syndicated from Rapid7 original https://blog.rapid7.com/2022/01/19/security-nation-mike-hanley-of-github-on-the-log4j-vulnerability/

In our first episode of Security Nation Season 5, Jen and Tod chat with Mike Hanley, Chief Security Officer at GitHub, all about the major vulnerability in Apache’s Log4j logging library (aka Log4Shell). Mike talks about the ins and outs of GitHub’s response to this blockbuster vulnerability and what could have helped the industry deal with an issue of this massive scope more effectively (hint: he drops the SBOM). They also touch on GitHub’s updated policy on the sharing of exploits.

Stick around for our Rapid Rundown, where Tod and Jen talk about Microsoft’s release of emergency fixes for Windows Server and VPN over Martin Luther King Day weekend.

Mike Hanley

Mike Hanley is the Chief Security Officer at GitHub. Prior to GitHub, Mike was the Vice President of Security at Duo Security, where he built and led the security research, development, and operations functions. After Duo’s acquisition by Cisco for $2.35 billion in 2018, Mike led the transformation of Cisco’s cloud security framework and later served as CISO for the company. Mike also spent several years at CERT/CC as a Senior Member of the Technical Staff and security researcher focused on applied R&D programs for the US Department of Defense and the Intelligence Community.

When he’s not talking about security at GitHub, Mike can be found enjoying Ann Arbor, MI with his wife and seven kids.

Show notes

Interview links

Rapid Rundown links

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

7Rapid Questions: Stephen Donnelly

Post Syndicated from Rapid7 original https://blog.rapid7.com/2022/01/14/7rapid-questions-stephen-donnelly/

At Rapid7, there’s no shortage of passionate leaders looking to challenge convention and make an impact. Our “7Rapid Questions” series is a way to highlight some of the amazing work taking place behind the scenes, and the exciting growth opportunities available in our global offices.

For this installment, we spoke with Stephen Donnelly, Rapid7’s Senior Engineering Manager for SOAR in our Belfast office.

Stephen Donnelly

What does SOAR stand for?

SOAR stands for Security Orchestration Automation Response.

Describe what your teams do in 3 phrases

1. We provide a wide variety of interoperability between our own and other vendors’ products.

2. We accelerate time-intensive, highly manual incident response and vulnerability management processes.

3. We create a consistent automation experience for our customers across our entire Insight Platform, whether they are cloud or on-premise-based.

What are your most important technical goals in 2022?

For 2022, we’re looking at performance at scale, building an open API culture for our customers, and breaking down our work to show value to customers on a regular and consistent cadence.

What is your tech stack?

We use a little bit of everything, primarily Go, Python, Java, Kotlin, React, Typescript, AWS, and Datadog.

What’s a fun fact some people might not know about you?

I once tried out for the National American Football team after playing for the QUB American Football team. It hurts emotionally… and physically.

What was one of your proudest moments at work?

I’d say it’s been seeing our team grow in the last year. We had 13 people join our SOAR practice in 3 months, and seeing how they have all been welcomed and embraced by the teams tells me that Rapid7 is properly focused on our people and their experiences within the organization.

What three words would you use to describe the culture at Rapid7?

Welcoming, authentic, and learning.

Interested in exploring a new role? Stephen and his team are hiring in Belfast! Click here to browse our open jobs at Rapid7.

Rapid7 2021 Wrap-Up: Highlights From a Year of Empowering the Protectors

Post Syndicated from Rapid7 original https://blog.rapid7.com/2022/01/05/rapid7-2021-wrap-up-highlights-from-a-year-of-empowering-the-protectors/

Now that 2022 is fully underway, it’s time to wrap up some of the milestones that Rapid7 achieved in 2021. We worked harder than ever last year to help protectors keep their organization’s infrastructure secure — even in the face of some of the most difficult threats the security community has dealt with in recent memory. Here’s a rundown of some of our biggest moments in that effort from 2021.

Emergent threats and vulnerability disclosures

As always, our Research and Emergent Threat Response teams spent countless hours this year tirelessly bringing you need-to-know information about the most impactful late-breaking security exploits and vulnerabilities. Let’s revisit some of the highlights.

Emergent threat reports

Vulnerability disclosures

Research and policy highlights

That’s not all our Research team was up to in 2021. They also churned out a wealth of content and resources weighing in on issues of industry-wide, national, and international importance.

The Rapid7 family keeps growing

Throughout 2021, we made some strategic acquisitions to broaden the solutions we offer and help make the Insight Platform the one-stop shop for your security program.

Industry accolades

We’re always thrilled to get industry recognition for the work we do helping protectors secure their organizations — and we had a few big nods to celebrate in 2021.

Keeping in touch

Clearly, we had a pretty busy 2021 — and we have even more planned for 2022. If you need the latest and greatest in security content to tide you over throughout the last few weeks of the year, we have a few ideas for you.

Stay tuned for more great content, research, and much more in 2022!

Update on Log4Shell’s Impact on Rapid7 Solutions and Systems

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/

Like the rest of the security community, we have been internally responding to the critical remote code execution vulnerability in Apache’s log4j Java library (a.k.a. Log4Shell). We have been continuously monitoring for Log4Shell exploit attempts in our environment and have been urgently investigating the implications for our corporate and production systems. Log4Shell has kept the security community extremely busy for the past several days, and we are no exception. At this time, we have not detected any successful Log4Shell exploit attempts in our systems or solutions. We will continue monitoring our environment for new vulnerability instances and exploit attempts and will update this page as we learn more.

Rapid7 solutions

In terms of Rapid7’s solutions, we prioritized remediation efforts on the Insight Platform and other hosted web application products (e.g. non-Insight branded products such as Logentries). We have remediated the Log4Shell vulnerability in our deployed application services’ code. Customers do not need to take action for any of our hosted web solutions.

Customer action required

There is no action for most customers using our solutions. However, for those using on-premise solutions, the following products and product components have been patched but require customers to take action to fully remediate Log4Shell in their environments. We strongly urge all customers using vulnerable versions of these products and product components to apply updates immediately since this vulnerability is being actively exploited and could result in highly impactful remote code execution.

| Product or Component | Affected Version(s) | Remediation and Mitigation Instructions |
|---|---|---|
| InsightOps r7insight_java logging library | Versions <= 3.0.8 | Upgrade r7insight_java to 3.0.9 |
| Logentries le_java logging library | All versions: this is a deprecated component | Migrate to version 3.0.9 of r7insight_java |
| Logentries DataHub | Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 | Linux: Install DataHub_1.2.0.822.deb using the following instructions. Windows: Run version 1.2.0.822 in a Docker container or as a Java command per these instructions. You can find more details here. |
| InsightOps DataHub | InsightOps DataHub <= 2.0 | Upgrade DataHub to version 2.0.1 using the following instructions. |

No customer action required

We have confirmed the following on-premise products and product components are not affected:

  • Alcide kArt, kAdvisor, and kAudit
  • AppSpider Pro
  • AppSpider Enterprise
  • Insight Agent
  • InsightIDR Network Sensor
  • InsightIDR/InsightOps Collector & Event Sources
  • InsightAppSec Scan Engine
  • InsightCloudSec/DivvyCloud
  • InsightConnect Orchestrator
  • InsightOps non-Java logging libraries
  • InsightVM Kubernetes Monitor
  • InsightVM/Nexpose
  • InsightVM/Nexpose Console
  • InsightVM/Nexpose Engine
  • IntSights virtual appliance
  • Metasploit Pro
    Metasploit Pro ships with log4j but has specific configurations applied to it that mitigate Log4Shell. A future update will contain a fully patched version of log4j.
  • Metasploit Framework
  • tCell Java Agent
  • Velociraptor

Further reading and recommendations

Our Emerging Threat Response team has put together a detailed blog post with general guidance on how to mitigate and remediate Log4Shell. We will continue updating this post as we learn more about Log4Shell and new mitigation strategies and tactics.

[Security Nation] Chris John Riley on Minimum Viable Secure Product (MVSP)

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/11/24/security-nation-chris-john-riley-on-minimum-viable-secure-product-mvsp/

In the final installment of Season 4 of Security Nation, Jen and Tod sit down with Chris John Riley, senior security engineer at Google and co-host of the First Impressions podcast (the one about cybersecurity, not Jane Austen). They chat about Minimum Viable Secure Product (MVSP), a set of controls Chris recently helped develop at Google that aim to provide a better baseline for security when evaluating vendor risk. They discuss the state of supply chain security for technology vendors and the challenges of establishing what really qualifies as “minimum” in terms of security protocols.

Stick around for our Rapid Rundown, where Tod and Jen talk about a recently disclosed DNS rebinding vulnerability in Sky routers that exposed them to takeover attacks over the course of a whopping 17 months.

Check back in with us for Season 5 of Security Nation in January. In the meantime, have a safe holiday and a happy New Year!

Chris John Riley

Chris John Riley is a Senior Security Engineer at Google, where he is tech lead for the vendor reviews focus area.

In his spare time, Chris collects books (that he never finds time to read) and spends his weekend taking long romantic walks from the sofa to the kitchen (mostly for snacks).

Show notes

Interview links

Rapid Rundown links

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

[Security Nation] Michael Powell on Being a Cyber Envoy

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/11/10/security-nation-michael-powell-on-being-a-cyber-envoy/

In this episode of Security Nation, Jen and Tod chat with Michael Powell about his work as specialist cyber representative to North America for the UK’s Department for International Trade (DIT). After confirming that Michael is not actually a spy (or is he?), they discuss the excitement and challenges of creating cross-continental collaboration on some of the most pressing cybersecurity issues organizations face today — including supply chain risk, ransomware, and the role of government in moving the needle on these threats.

Stick around for our Rapid Rundown, where Tod and Jen talk about inTheWild, a new open-source, community-driven database for vulnerabilities that are being actively exploited.

Michael Powell

Michael Powell is DIT’s cyber sector trade specialist in North America. His background includes over 15 years of experience with major enterprise and start-ups, defining and delivering managed and professional cybersecurity services for law enforcement and commercial organizations. Michael is based on the East Coast, advising UK companies on North America market entry – leveraging DIT’s network to discuss resourcing, legislation, and the evolving needs of buyers. He is a proponent of workforce diversity across the tech sector and has a strong technical background to understand and discuss solutions to complex organizational cybersecurity problems. When not advising UK companies, he works closely with the London specialist teams, and partners, on investment opportunities and being an in-market voice for the UK cybersecurity ecosystem.

Show notes

Interview links

Rapid Rundown links

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

[Security Nation] Pete Cooper and Irene Pontisso of the UK Cabinet Office on Their Cybersecurity Culture Competition

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/11/04/pete-cooper-and-irene-pontisso-of-the-uk-cabinet-office-on-their-cybersecurity-culture-competition/

In this special bonus episode of Security Nation, Jen and Tod chat with Pete Cooper and Irene Pontisso from the UK Cabinet Office about their current competition aiming to promote cybersecurity culture among small businesses. They highlight their 9 hypotheses, which touch on the role of human factors, the distinction between cyber culture and security culture, and the importance of leadership. They chat about why they decided to get help validating these ideas through a competition format (the “Bakeoff Approach,” as Irene calls it) to promote collaborative thinking and get a sense of what organizations are doing on these issues today.

The deadline to apply for the competition is fast approaching on Monday, November 8, and winners will be awarded contracts to carry out the competition over 12 weeks, beginning in late November. Check out the Invitation to Tender to submit your entry!

Pete Cooper

Pete Cooper is Deputy Director Cyber Defence within the Government Security Group in the UK Cabinet Office, where he looks over the whole of the Government sector and is responsible for the Government Cyber Security Strategy, standards, and policies as well as responding to serious or cross-government cyber incidents. With a diverse military, private-sector, and government background, he has worked on everything ranging from cyber operations, global cyber security strategies, advising on the nature of state-vs.-state cyber conflict to leading cybersecurity change across industry, public sector, and the global hacker community, including founding and leading the Aerospace Village at DEF CON. A fast jet pilot turned cyber operations advisor, who on leaving the military in 2016, founded the UK’s first multi-disciplinary cyber strategy competition, he is passionate about tackling national and international cybersecurity challenges through better collaboration, diversity, and innovative partnerships. He has a Post Grad in Cyberspace Operations from Cranfield University, is a Non-Resident Senior Fellow at the Cyber Statecraft Initiative of the Scowcroft Centre for Strategy and Security at the Atlantic Council, and is a Visiting Senior Research Fellow in the Department of War Studies, King’s College London.

Irene Pontisso

Irene is Assistant Head of Engagement and Information within the Government Security Group in the UK Cabinet Office. Irene is responsible for the design and strategic oversight of cross-government security education, awareness, and culture-related initiatives. She is also responsible for leading cross-government engagement and press activities for Government Security and the Government Chief Security Officer. Irene started her career in policy and international relations through her roles at the United Nations Platform for Space-Based Information for Disaster Management and Emergency Response (UN-SPIDER). Irene also has significant industry and third-sector experience, and she partnered with the world’s leading law firms to provide free access to legal advice for NGOs on international development projects. She also has experience in leading large-scale exhibitions and policy research in corporate environments. She holds a MSc in International Relations from the University of Bristol and a BSc from the University of Turin.

Show notes

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

[Security Nation] Jack Cable on Ransomwhere

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/10/27/security-nation-jack-cable-on-ransomwhere/

In this episode of Security Nation, Jen and Tod chat with Jack Cable, security architect at the Krebs Stamos Group, about Ransomwhere, a crowdsourced ransomware payment tracker. They chat about how Cable came up with the idea, the role of cryptocurrency in tracking these payments, and how better data sharing can help combat the surge in ransomware attacks.

Stick around for our Rapid Rundown, where Tod and Jen talk about a remote code execution vulnerability that open-source forum provider Discourse experienced recently, which CISA released a notification about over the weekend. Tod highlights some of the many things Discourse is doing right with its security program.

Jack Cable

Jack Cable is a security researcher and student at Stanford University, currently working as a security architect at Krebs Stamos Group. Jack formerly served as an Election Security Technical Advisor at CISA, where he led the development and deployment of Crossfeed, a pilot to scan election assets nationwide. Jack is a top-ranked bug bounty hacker, having identified over 350 vulnerabilities in companies including Google, Facebook, Uber, Yahoo, and the US Department of Defense. After placing first in the Hack the Air Force challenge, Jack began working at the Pentagon’s Defense Digital Service. Jack was named one of Time Magazine’s 25 most influential teens for 2018. At Stanford, Jack is a research assistant with the Stanford Internet Observatory and Stanford Empirical Security Research Group and launched Stanford’s bug bounty program, one of the first in higher education.

Show notes

Interview Links

Rapid Rundown Links

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Securely Advancing in the Sunshine State: Rapid7 Announces Tampa Office Opening

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/10/26/securely-advancing-in-the-sunshine-state-rapid7-announces-tampa-office-opening/

In our quest to create a safer digital world for all, Rapid7 is also on a mission to reimagine the future of work, culture, and talent — admittedly, we’ve set the bar pretty high for ourselves. But that’s part of the spirit of Never Done, one of our core values. We’re always striving to do better, be bolder, and think bigger as we help organizations across the globe securely advance.

That’s why we’re thrilled to announce that we’re expanding our US office footprint by opening our newest location in Tampa, Florida. With its fast-growing community of professionals — supported by a diverse population, great universities, and a strong veteran community — Tampa represents the next step in our quest to build the workplace of the future.

Building the next tech hub

We want to do something unprecedented in Tampa by taking an emerging center of tech activity to new heights as the next national hub of technology and innovation.

Tampa is fertile ground for this bold vision. The city recently ranked as one of the top 10 US metro areas for tech industry growth, and technology jobs have been increasing steadily here since 2015, with another 2% growth slated for 2021. This high concentration of tech jobs — and the talent to fill them — should come as little surprise, given the wealth of higher-learning institutions nearby, with 23 colleges and universities in the Tampa metro area. Tampa is also home to a strong military and veteran community centered around MacDill Air Force Base.

We want to take the seeds of potential in Tampa and grow them into a full-fledged tech ecosystem. To do that, we’re not just building an office and creating jobs — we’re putting a stake in the ground to help shape the future of Tampa.

To bring this vision to life, Rapid7 is partnering with Tampa-area colleges and universities to keep fueling the growth of local talent and build a stronger security community in the city than ever before. Our goal is to have 30% or more of our Tampa team be local college graduates and/or recently retired military. We’re also planning to partner with inclusion-focused STEM programs to help create a more diverse and supportive tech community through leadership and service.

Walking the walk on diversity

Rapid7 believes everyone deserves an equal opportunity to build the career they want — and that diversity of experience and viewpoints helps drive the innovation on which a healthy technology culture thrives. By boosting creativity and bringing a wider range of insights to inform better decision-making, diverse teams help drive business outcomes. In Tampa, we’re excited to walk the walk in our commitment to diversity and continue to bring this vision to life.

We believe a diverse workforce is integral to the success of our organization and the culture we want to build. That’s why we’re building something truly unique and putting diversity first in our hiring plan in order to build a team that reflects the rich, diverse character of Tampa.

We have ambitious goals to hire, retain, and develop talent with diverse backgrounds and experiences, with targets set for Black, Latinx, and female hires that we intend not only to meet, but to exceed. We’re aiming for a team that is 50% or more from diverse backgrounds.

With a diverse team that is empowered to be their one-of-a-kind, authentic selves in their day-to-day work — in keeping with our core value of Bring You — the Rapid7 Tampa office will truly help push the city forward as a hub of tech growth.

Build the workplace of the future with us

The task of securing the digital world is more complex and challenging than ever before. At a time when data breaches are increasing in frequency and severity, people need best-in-class security tools that are easy to use and deliver results. But as the challenge increases, so does the opportunity — and having the right people on board is all the more critical.

Our vision of the workplace of the future is not only diverse and rooted in the community, but also flexible, with a hybrid model that accommodates work-life balance while providing a collaborative in-office experience to promote teaming. In our effort to build the workplace of the future, we want to think ahead of the curve — taking the best of what we’ve learned from remote work in 2020 and 2021 while allowing talented team members to collaborate in person. We think the future of work involves flexible in-office policies while also allowing teams to spend time face-to-face. This makes room for serendipitous collaboration, fosters stronger relationships, and helps us support employees in developing their careers through learning and mentorship, which are enhanced by the in-office experience.

In Tampa, we have an exciting opportunity to build a model for the workplace of the future, blazing the trail rather than playing catch-up. This involves bringing a flexible, hybrid work model together with a diverse, dynamic culture that makes building a safer digital world rewarding and fun, while giving back to the community and setting the pace of growth and innovation in emerging centers of tech talent.

At our new location at Water Street Tampa, we’re adding more than 100 positions in data and software engineering, business development, customer support, IT, and people strategy.

Ready to help us meet today’s security needs, reimagine the future of work, and pave a path for the future of tech in Tampa? Check out our open roles.

Turn On, Tune In, Drop the Noise: Achieve Better Cloud Security by Reducing Noise

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/10/14/turn-on-tune-in-drop-the-noise-achieve-better-cloud-security-by-reducing-noise/

The modern world is full of signals. A select few are critically important, others are interesting or informative, and the overwhelming majority are less useful or painfully irrelevant. All of these signals that are neither useful nor relevant are best categorized as noise.

For security professionals, it’s easy to get lost in this noise. Many of them get email, text, or Slack notifications for every helpdesk ticket that is issued, updated, and closed. The average security manager might get hourly, daily, weekly, and monthly reports from a variety of different tools that they and their teams may or may not interact with on a regular basis. And at some point, the thousands of alarms and notifications that these same tools generate on a weekly basis end up causing mind-numbing alert fatigue that bogs down security teams. Research has found that 75% of companies are actually spending more time chasing down false positives than responding to genuine security incidents, TechRepublic reports.

Are these signals important? Maybe. Are they getting to the right people at the right time? Hopefully. But hope is not enough when it comes to cloud security.

Misconfigurations add to the clamor

Our 2021 Cloud Misconfigurations Report confirms that data breaches attributed to cloud misconfigurations are still a significant concern for enterprises across all industries. It’s hard to go a few days without hearing of yet another incident in which the data is breached, leaked, or otherwise mishandled. In fact, according to our data, there are 2.3 data breaches per week… and that number doesn’t include those that aren’t reported.

There are many reasons why cloud misconfigurations remain such a significant problem. One contributing factor that continues to be front and center is the overabundance of noise that comes with the ephemeral, fast-evolving nature of cloud environments. The cadence at which security teams are bombarded with alerts and notifications is overwhelming. Yet these teams are still responsible for ensuring the security of the sensitive data in complex cloud environments.

As stewards of this data, security teams must have a comprehensive cloud security solution that allows them to continuously monitor and react to threats. Security teams are trying to understand the high-priority issues that actually matter, all while keeping up with the fast, continuous pace of innovation. To accomplish this, they must invest in a solution that gets the right signals to the right people at the right time, through the right means.

Many of the tools that enterprises use to be better, faster, and stronger are incredibly powerful, but sometimes this power can create chaos and noise. This is especially true for the many cloud security solution types available today. Almost any cloud security tool should be able to tell you if you have a storage bucket open to the public. But what if that storage bucket is meant to be open? What if it’s in a protected environment? What if your developers have created strategic exemptions to specific rules for a legitimate reason?

At best, the security team receives the alert, investigates it, and then determines that there is no issue. While this is by no means an efficient or scalable approach to handling cloud security incidents, nothing catastrophically bad has happened. There wasn’t an actual data breach, and the developers weren’t impeded by security, since their instance wasn’t shut down automatically.

But there are other, more likely scenarios to consider. For example, what if the security team’s investigation of a harmless exemption diverts their attention from a more critical alert? If the real alert is ignored amid the noise and the threat remains unresolved, the entire organization is at risk. As we know, there are huge repercussions of a data breach — from financial to legal to operational to reputational. In fact, according to the Ponemon Institute, the average cost of a data breach is now up to $4.24 million.

Cutting through to the signal

With this much at stake, security teams can’t become immune to critical alerts or blind to the information that is essential to maintaining continuous cloud security. InsightCloudSec helps reduce noise through its extensibility and the level of granularity through which you can determine the scope of alerts (and actions in response to those alerts).

Unified visibility and terminology

InsightCloudSec sets the noise-reduction table by providing a single source of visibility into cloud environments that spans across AWS, GCP, Microsoft Azure, Alibaba Cloud, Oracle Cloud Infrastructure, and Kubernetes. By offering a standardized asset inventory across cloud service providers, security teams can apply policy and leverage real-time automated remediation consistently.

Curated, context-rich information

We’ve added value to this unified visibility by giving you the ability to finely tune the scope of what information you want to capture through our filters, insights, and exemptions.

Filters

InsightCloudSec filters provide a way to explore your cloud environment and surface problems of interest. You can specify the conditions that InsightCloudSec searches to identify matching resources. Currently, InsightCloudSec offers almost 1,400 out-of-the-box filters, with almost infinite possibilities for customization.

Insights

An InsightCloudSec insight is a check on a specific behavior, condition, or characteristic of a cloud resource. Built from the abundant (and continuously growing!) library of filters, an insight allows you to view all of your clouds and provides an in-depth understanding of your infrastructure’s security, compliance, optimization, or other characteristics that you specify.

Insights can be defined around any individual resource or resource type to identify resources that may need to have limited public accessibility. Insights can focus on specific characteristics or configuration issues, identify a network missing an internet gateway, or identify a database without encryption. As with filters, insights can be customized to fit almost any need.

Exemptions

As with any rule, there are always exceptions… or in this case, exemptions. InsightCloudSec allows you to specify resources that should be exempt from an insight. Exemptions can even be tuned to a specific time period. Using this functionality allows organizations to have a highly curated, context-rich approach to the data, and to notifications about that data.

Get the alerts you want, how and when you want them

InsightCloudSec integrates with SMTP/email, Slack, Microsoft Teams, ServiceNow, PagerDuty, Jira, Jinja2, and more. These integrations empower security teams to specify how they want to receive their alerts to monitor and address problems efficiently and effectively.

For example, let’s say that you only want to receive notifications related to a specific regulation (e.g., PCI-DSS). Through our pack-level notifications, you can send notifications (via email, Slack, etc.) based on a collection of insights that together form the compliance framework. InsightCloudSec offers both out-of-the-box compliance packs and the ability to create custom packs to fit your organization’s specific needs.

The pack-level notification capability includes cadence settings, so you have the ability to send it weekly, daily, or hourly. It allows for the delivery of information around an entire category of insights, enabling organizations to cut down on the noise of individual notifications that might not provide the full context your team needs.

With the persistence of data breaches due to cloud misconfigurations, it is essential for organizations to invest in tools to help them tune into the right information about their complex cloud environments.

Interested in seeing firsthand how InsightCloudSec can reduce noise for your organization? See it in action in our demo.

To learn more about the essentials of good cloud security, see our previous blog post on shifting left here.

[Security Nation] Michael Daniel on the Cyber Threat Alliance

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/10/13/security-nation-michael-daniel-on-the-cyber-threat-alliance/

In this episode of Security Nation, Jen and Tod chat with Michael Daniel, president and CEO of the Cyber Threat Alliance (CTA), as well as a co-chair on the IST’s Ransomware Task Force. After discussing Michael’s career in cybersecurity with the US government, they talk about what makes information sharing so hard in the security space and how the CTA has addressed this challenge in its efforts to promote better threat intelligence.

Stick around for the Rapid Rundown – with Tod on holiday (AKA vacation), Jen brings on Rapid7’s public policy guru Harley Geiger. They chat about the Cyber Incident Reporting Act, which is likely headed to a Senate floor vote and, if passed, would bring major changes to the reporting requirements around cybersecurity events for owners and operators of critical infrastructure.

Michael Daniel

Michael Daniel serves as the President and CEO of the Cyber Threat Alliance (CTA), a not-for-profit that enables high-quality cyber threat information sharing among cybersecurity organizations. Prior to CTA, Michael served for four years as US Cybersecurity Coordinator, leading US cybersecurity policy development, facilitating US government partnerships with the private sector and other nations, and coordinating significant incident response activities. From 1995 to 2012, Michael worked for the Office of Management and Budget, overseeing funding for the US Intelligence Community. Michael also works with the Aspen Cybersecurity Group, the World Economic Forum’s Partnership Against Cybercrime, and other organizations improving cybersecurity in the digital ecosystem. In his spare time, he enjoys running and martial arts.

Want More Inspiring Stories From the Security Community?

Subscribe to Security Nation Today

[The Lost Bots] Episode 6: D&R + VM = WINNING!

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/10/04/the-lost-bots-episode-6-d-r-vm-winning/

Welcome back to The Lost Bots, a vlog series where Rapid7 Detection and Response Practice Advisor Jeffrey Gardner talks all things security with fellow industry experts. In this episode, we’re joined by fellow Practice Advisor Devin Krugly to discuss how Detection and Response + Vulnerability Management = a winning combination. Often viewed as two separate and distinct entities, Jeffrey and Devin explore how the combination can greatly improve your response efforts and the ways in which you can set up a successful vulnerability management program.

Stay tuned for future episodes of The Lost Bots! Coming soon: Jeffrey discusses veterans in cybersecurity with fellow security professionals who are vets themselves.

[Security Nation] Rob Graham on Mike Lindell’s Cyber Symposium

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/09/29/security-nation-rob-graham-on-mike-lindells-cyber-symposium/

In this episode of Security Nation, Jen and Tod chat with Rob Graham of Errata Security about his experience attending pillow magnate Mike Lindell’s Cyber Symposium, where he claimed packet captures would reveal incontrovertible evidence of widespread fraud in the 2020 US presidential election. (Spoiler alert: Nothing resembling that description actually occurred at Lindell’s event.) An expert on packet captures, Graham recounts the Kafkaesque forensic logic behind the Cyber Symposium data — some of which was presented in a file type only known to a single living person — as well as the value of having real experts attend highly dubious events like this one.

Stick around for the Rapid Rundown, where Tod and Jen discuss Microsoft’s plan to turn off Basic Auth in Exchange Online next year and the Autodiscover bug that may have prompted the change.

Robert Graham

Rob Graham is a well-known cybersecurity expert. He created the BlackICE personal firewall, the first IPS, sidejacking, and masscan. He frequently speaks at conferences and blogs.

Show notes

Interview links

magnet:?xt=urn:btih:39a9590de21e77687fdf7eacee4dd743f2683d72&dn=cyber-symposium&tr=udp://9.rarbg.me:2780/announce

Rapid Rundown links

  • The original Bleeping Computer story on Microsoft shutting off Basic Auth
  • The related story about Amit’s Autodiscover bug finding that may have prompted the above
  • A somewhat early reference to some WPAD bugs
  • The earliest reference Tod could find about WPAD exploits… which happened to be written by the very same Tod back in 2009.

Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

Rapid7 Technical Support: Building a Career Path With Endless Possibilities

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/09/22/rapid7-technical-support-building-a-career-path-with-endless-possibilities/

At Rapid7, our Technical Support teams deliver a world-class support experience to our customers across the globe. We have Support Moose on 4 continents, in 10 offices, and across 8 time zones, but we’re all one herd. So, how do we achieve this? We swarm on cases together each day, we collaborate with team members across the world, we’re learning constantly, and we live and breathe Never Done, one of our core values. For any team member, that means there are endless possibilities in what you can do at Rapid7, because the support for you is limitless.

We talked with a few of our Technical Support Engineers to hear firsthand about why they chose to join Rapid7, their career growth so far, and cool projects they’ve had the opportunity to work on!

Shan Yao, Technical Support Engineer I

Steph Blair, Technical Support Engineer I Apprentice

Ryan Caren, Senior Technical Support Engineer

Jenni Natiw, Manager, Technical Support

Mark Gottschalk, Technical Support Engineer I Apprentice

How has Rapid7 supported your career growth?

“I joined Rapid7 as a part of the DivvyCloud acquisition. Going from being an individual contributor in a startup environment to a manager in a larger company is a big change. Rapid7 has done many helpful things to make that transition much smoother. Being a part of the Emerging Moose program, I have learned a lot on how to best manage my team in an effective and efficient manner. I have also had the opportunity to make an impact in the product development process, working closely with our Product and Engineering teams. Additionally, I have been supported throughout this entire process by my Director, Jayashri. She has pushed me to do things I wouldn’t have done on my own with regards to mentoring, networking, and using my voice to be an advocate for our customers and my team.” – Jenni Natiw

“Before I joined Rapid7, my job role was a cake decorator. I made and decorated bespoke cakes for events and parties, but I wanted a change in career. I started to study cybersecurity at a local college and ended up joining Rapid7 as an apprentice. Career growth so far has been incredible — from starting out with little to no IT experience, to working in a worldwide cybersecurity company as a technical support engineer. Rapid7 has got my foot into the door of IT, and my skills and experience have grown massively. I have learned so much on my journey so far in a short space of time and am excited to continue to learn and grow as a person.” – Steph Blair

What cool technology/projects have you had the opportunity to work on?

“I was given a project to redesign the current update servers Rapid7 uses. Specifically, I was tasked to propose a solution to future-proof the system, using services and technologies within Amazon Web Services (AWS). I then had to give a presentation in front of one of our Directors and Senior Managers.

This was great for learning more about AWS and to create a solution that would best serve Rapid7’s customers globally. I got to learn about creating instances in different regions to give more reach and failover, and about using load-balancing technologies. It was a very interesting project to get involved in.” – Mark Gottschalk

“Guru Card is the best project I have worked on. It’s like an automation technology to help my peers to identify and provide solutions to customers.” – Shan Yao

What made you most excited to join Rapid7, and what made you most excited to stay at Rapid7?

“From my interview stage, I could tell Rapid7 was not a traditional IT company. One of the questions put to me at the interview was about how I would get rid of space junk if I had all the resources in the world! When I was offered my position I was ecstatic, and I still feel so lucky to be involved with Rapid7. It was a significant career change, and I was excited to start learning and developing new skills within this industry. I’m most excited now for the opportunities that I have ahead of me with such a young and expanding company. I feel valued, and I’m part of a great close-knit team that I can always count on.” – Mark Gottschalk

“Originally, I had joined Rapid7 based on some really positive feedback from friends who had worked there previously, alongside my own personal drive to have a career in the cybersecurity space. I’m excited for my future working in Rapid7 due to the fast-paced environment where every day feels like it presents a new challenge. I feel extremely fortunate to be a part of a great team whom I enjoy working alongside.” – Ryan Caren

“When I first joined my cybersecurity course in college, Rapid7 was brought up numerous times in regards to cybersecurity. From then, I did research myself and found out that this was a HUGE company with offices all around the world and could only ever imagine working somewhere like that! When I got accepted for a job I was very excited. I couldn’t believe it — I accepted straight away. From my first day at Rapid7, everyone has been so welcoming and friendly. It is such a great environment to work in. It’s not just about the work (although that is a huge part) — we take part in lots of other cool things like movie nights, nights out for dinner, mini golf, axe throwing, etc. It’s great to have a work/social balance and wind down after a day in the office. I can truly say that I have made friends for life and can’t wait to see what the future holds for me at Rapid7.” – Steph Blair

Interested in learning more and joining the team to support our audacious goal of growing 20% in 2021? Check out our open roles today!

Rapid7 Belfast Technical Support Team

[Security Nation] Craig Williams of Cisco Talos on Proxyware

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/09/15/security-nation-craig-williams-of-cisco-talos-on-proxyware/

In this episode of Security Nation, Jen and Tod chat with Craig Williams, recently of Cisco Talos, about proxyware and integrating security acquisitions the right way. Along the way, they touch on the challenges of being a security communicator with an audience that extends beyond practitioners – and a few real-life stories of people who didn’t realize their cameras were spying on them.

Stick around for our Rapid Rundown, where Tod and Jen talk about the REvilware ransomware gang’s return from “retirement” and how lagging adoption of EMV is leading to high-profile cases of ATM fraud.

Craig Williams

Craig Williams has always had a passion for learning how things operate – and circumventing security measures. His deep interest in security technology began with research into vulnerabilities, threats, and network detection techniques. His research over the past decade has included running global threat intelligence teams, malware labs, and trying to outwit the very security products he has helped design.

Show notes

Interview Links

  • Craig is on Twitter, but his OpSec is pretty tight so good luck getting that follow back.
  • You can read up on Cisco Talos, and check their most recent on proxyware here.

[The Lost Bots] Episode 5: Insider Threat

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/09/13/the-lost-bots-episode-5-insider-threat/

Welcome back to The Lost Bots, a vlog series where Rapid7 Detection and Response Practice Advisor Jeffrey Gardner talks all things security with fellow industry experts. This episode, we’re joined by Alan Foster (Manager, Domain Engineers) to discuss insider threats. It’s a topic we’ve all heard about, especially for those of us who are compliance-focused, but it’s also one whose definition has changed in response to recent breaches. Watch below to learn about the various types of insider threats (including those you may not have thought about), which threat(s) could cause the most damage, and tips to reduce the risk.



Stay tuned for future episodes of The Lost Bots! Coming soon: Jeffrey tackles vulnerability management and how it can not only reduce risk but also assist in your incident response programs.

[Security Nation] Jill Fraser and Deborah Blyth on Securing Colorado

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/09/01/security-nation-jill-fraser-deborah-blyth/

In this episode of Security Nation, we chat with Deborah Blyth, CISO of the State of Colorado, and Jill Fraser, CISO for Jefferson County, Colorado. They tell Jen and Tod about their experience securing Colorado’s cyber infrastructure at a state-wide level, breaking down silos across the various local governments to come together on an integrated, long-term plan. They go through some of the challenges of funding, collaboration, and generating buy-in — as well as how the recent national focus on election security has impacted the state and local levels.

Stick around for the Rapid Rundown, where Tod and Jen discuss Firefox’s new feature blocking insecure downloads.

Jill Fraser

Jill Fraser is the Chief Information Security Officer for Jefferson County in Colorado where she has worked for 9 years. Jill is responsible for managing the county’s enterprise cybersecurity program, which includes policy and procedure guidance, continuous improvement of incident response capabilities, end user awareness training, and risk management. She concentrates on ensuring the county’s security program is a business enabler by maintaining a sound cybersecurity strategy that supports county productivity, growth, and innovation.

Jill is an advocate for cross-organizational collaboration. She was one of the founding members of the Colorado Threat Intelligence Sharing (CTIS) network and is an active partner in the Whole of State cybersecurity program in Colorado (cooperatives formed to improve cybersecurity in Colorado-by-Colorado). Additionally, she participates in a locals-only mentoring group that serves as a mechanism of peer support. She is the Chair of Colorado’s Homeland Security Senior Advisory Committee’s Cyber Subcommittee, and she is a member of the Multi-State Information Sharing and Analysis Centers (MS-ISAC) Executive committee.

Jill is an advocate for development of programs that will improve local government’s ability to secure their data and services within the limited budgets and staffing constraints most locals face. Jill has been in the information technology field for over 20 years and is a Certified Information Systems Security professional (CISSP*) as well as a Certified Chief Information Security Officer (C-CISO*).

Deborah Blyth

Deborah Blyth is Colorado’s Chief Information Security Officer (CISO), with over 25 years of technology background and 15 years leading information security programs. As the CISO, she serves as the point of contact for all information security initiatives in Colorado, informing the state Chief Information Officer and executive agency leadership on security risks and impacts of policy and management decisions on IT-related initiatives. Deborah is responsible for determining the strategic and tactical security direction for executive branch agencies, to meet established objectives.

Before joining the state of Colorado, Deborah led the Information Technology Security and Compliance programs at TeleTech (5 years) and Travelport (3 years). Deborah is a Colorado native and graduated Summa cum Laude with a Bachelor of Science degree from Regis University.

[The Lost Bots] Episode 4: Deception Technology

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/08/30/the-lost-bots-episode-4-deception-technology/

Welcome back to The Lost Bots, a vlog series where Rapid7 Detection and Response Practice Advisor Jeffrey Gardner talks all things security with fellow industry experts. This episode is a little different, as it’s Jeffrey talking one-on-one with you about one of his favorite subjects: deception technology! Watch below to learn about the history, special characteristics, goals, and possible roadblocks (with counterpoints!) of what he likes to call “HoneyThings,” and also learn practical advice about the application of this amazing technology.



Stay tuned for future episodes of The Lost Bots! Coming soon: Jeffrey tackles insider threats where the threat is definitely inside your organization, but maybe not in the way you think.

[The Lost Bots] Bonus Episode: Velociraptor Contributor Competition

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/08/23/the-lost-bots-bonus-episode-velociraptor-contributor-competition/

Welcome back for a special bonus edition of The Lost Bots, a vlog series where Rapid7 Detection and Response Practice Advisor Jeffrey Gardner talks all things security with fellow industry experts. In this extra installment, Jeffrey chats with Mike Cohen, Digital Paleontologist for Velociraptor, an open source endpoint visibility tool that Rapid7 acquired earlier this year.

Mike fills us in on Velociraptor’s very first Contributor Competition, a friendly hackathon-style event that invites entrants to get their hands dirty and build the best extension to the Velociraptor platform that they can. Check out the episode to hear more about the competition, who’s judging, what they’re looking for, and what’s coming your way if you win — spoiler: there’s a cool $5,000 waiting for you if you nab the No. 1 spot, plus a range of other monetary and merchandise prizes. Jeffrey himself even plans to put his name in the ring!



Stay tuned for future episodes of The Lost Bots! And don’t forget to start working on your entry for the 2021 Velociraptor Contributor Competition.

Why Joining Rapid7 Was the Best Decision for These Sales Professionals, Even During a Pandemic

Post Syndicated from Rapid7 original https://blog.rapid7.com/2021/08/20/why-joining-rapid7-was-the-best-decision-for-these-sales-professionals-even-during-a-pandemic/

As any job seeker knows, a lot of thought goes into accepting a new role at a new company — even more so during a pandemic. For sales professionals, this decision includes considering company growth and trajectory, industry leadership, and company culture, all of which had the potential of being majorly impacted by the effects of COVID-19.  

Over the course of the pandemic, Rapid7 has not only acquired four companies in the past 16 months, but we’ve been named a leader in the 2021 Gartner Magic Quadrant for SIEM, a Strong Performer in Managed Detection and Response Report, and a Visionary in 2021 Gartner Magic Quadrant for Application Security Testing, all while keeping our company culture more than intact.

We talked with a few of our North America Account Executives to hear firsthand about why they chose to join Rapid7 (even during a pandemic), how they learned about the company, and why they’d recommend Rapid7 as a great place to work.

Nicholas Lennek, Enterprise Account Executive, joined Rapid7 October 2019

Devonne Skinner, Account Executive, joined Rapid7 April 2020

Stephen Hislop, Account Executive, joined Rapid7 December 201

Where did you hear about Rapid7?

“Prior to joining the team, I’d long been familiar with Rapid7 as a high-profile, publicly traded company here in Boston. Around June of 2019, the word had spread about what an engaging and rewarding culture existed at Rapid7.” – Nicholas Lennek

“I heard about Rapid7 because of the tech scene here in Boston; Rapid7 is a big name, and as I was searching for a career change, I knew of a few friends who had been working here for a few years at the time.” – Devonne Skinner

What attracted you to work for Rapid7?

“The energy! My role at Rapid7 gives me the privilege of tackling unique and often nuanced challenges on a routine basis. The team mentality here at Rapid7 is one of rigor and dedication, which is an attitude I crave. We set our aims high, work hard to achieve them, and recognize a job well done here. To me, that’s what it’s all about.” – Nicholas Lennek

“I started in the beginning of the pandemic, which sounds a bit crazy, I know. At the time, I felt like I needed a challenge, and switching industries alone was a mountain, but adding in starting remote was a whole other ball game. I was very confident after my interviews that Rapid7 was going to be invested in me through learning the security industry, along with helping me continue my growth here. So the clear path to where I could go in this role, along with training, was something that attracted me to Rapid7. Additionally, the team atmosphere was big to me. Collaborating with not just sales but other departments is important to not just individual success but team and company success.” – Devonne Skinner

“I realized that the company had a vision for the future; as the industry grew and progressed, so did Rapid7. I wanted to work for a company that was looking to be a leader in the space and not just another player. Rapid7 has exceeded my expectations and continues to grow rapidly.” – Stephen Hislop

Why would you recommend Rapid7 as a great place to work for your next opportunity?

“Speaking to my own personal path, Rapid7 offers you a chance to skip the local train and join the expressway. My role at Rapid7 isn’t a job, it’s a career — and that same opportunity is afforded to everybody. Your peers and your leadership personally invest in your growth and in your success. To fulfill my professional ambitions, I need the chance to make an impact with my work. Rapid7 has provided me with the platform to do that every day that I’ve been here.” – Nicholas Lennek

“I would recommend Rapid7 as a great place to work because of the attention to their employees. As mentioned, it was important to me when I took this role that I had a clear path to how I was going to achieve my goals and continue down a path of success. Rapid7 has always asked me how they can help me achieve my goals, and individually, that is going to be different for everyone. But they follow through. Whether that be additional training, collaboration with teams, listening to my ideas, etc., they take the time to listen and respond appropriately. Rapid7 is a great company to work for regardless of the industry you’re coming from, because they are invested in YOU just as much as the bigger picture.” – Devonne Skinner

“I would recommend Rapid7 because it is a company that will challenge you but also train you. I have learned so much during my time here and have grown as an Account Executive. I love working with everyone, and it truly is a collaborative environment.” – Stephen Hislop

Interested in learning more and joining the team to support our audacious goal of growing 20% in 2021? Check out our North America Go to Customer LinkedIn Life page and our open roles today!