We had three goals in mind when developing the first edition of the Rapid7 Threat Report. First and foremost, we wanted to provide as clear a picture as possible of the threat landscape organizations faced during the first quarter of 2017. To this end, we've included composite and industry-level views of threat events across many industries.
While there's inherent value in just that threat portrait, we also wanted to show what a "day in the life" of a typical incident responder might look like, so we have created additional views by day, hour, and event type by industry to give you a glimpse into both the workload variety and volume facing these unsung heroes of cybersecurity
Finally, as we examined the events of the past quarter, we've highlighted key takeaways that are applicable across organizations of every shape, size, and locale. We hope you find the report to be an informative and useful companion as you continue to develop your own detection and response programs.
THE 2017 Q1 THREAT LANDSCAPE
This report covers a representative sample of assessments from the first quarter of 2017 of both the generalized threat landscape, as well as unique threats that are more focused on certain organizations or industries.
The "threat landscape" is a moving, shifting form that will look different to different organizations-it all depends on where you are standing. Some people may be staring at a wide open grassland where the landscape is understood and the threats are easy to identify (though no less deadly), and others may be facing a dense jungle of hidden threats. While it is possible to develop a universal threat landscape that may be useful for general security research and developing high-level incident response frameworks, it is more useful for defenders to have a solid understanding of their own unique threat landscape