3 min
Attack Surface Management
Proactive Visibility Is Foundational to Strong Cybersecurity
Exposures are more than CVEs, so organizations need to move beyond the traditional thinking of vulnerability management to a holistic view.
3 min
Emergent Threat Response
Multiple Vulnerabilities in Common Unix Printing System (CUPS)
Multiple unpatched vulnerabilities were publicly disclosed in the Common Unix Printing System (CUPS), a popular IPP-based open-source printing system.
4 min
Forrester Wave
Rapid7 Recognized in Forrester’s 2024 Attack Surface Management (ASM) Wave Report
This week, Rapid7 was recognized as a Contender in Forrester’s 2024 Attack Surface Management (ASM) Wave report.
2 min
Gartner
Three Recommendations for Creating a Risk-Based Detection and Response Program
In a report released earlier this summer, Gartner analysts offer three recommendations for fostering an environment of risk-based threat detection, investigation, and response that includes a deeper understanding of your organization’s risk profile by more than just the security team.
3 min
Emergent Threat Response
High-Risk Vulnerabilities in Common Enterprise Technologies
Rapid7 is warning customers about high-risk vulnerabilities in Adobe ColdFusion, Broadcom VMware vCenter Server, and Ivanti Endpoint Manager (EPM). These CVEs are likely attack targets for APT and/or financially motivated adversaries.
2 min
Emergent Threat Response
CVE-2024-40766: Critical Improper Access Control Vulnerability Affecting SonicWall Devices
CVE-2024-40766 is a critical improper access control vulnerability affecting SonicOS, the operating system that runs on the company’s physical and virtual firewalls. As of September 9, 2024, Rapid7 is aware of several recent incidents in which SonicWall SSLVPN accounts were targeted or compromised.
3 min
Emergent Threat Response
Multiple Vulnerabilities in Veeam Backup & Replication
On September 4, 2024, Veeam released their September security bulletin disclosing various vulnerabilities, including CVE-2024-40711, a critical unauthenticated remote code execution issue affecting Veeam’s popular Backup & Replication solution.
3 min
Gartner
Our 4 Essential Strategy Takeaways from the Gartner® 2024 Report – How to Prepare for Ransomware Attacks
The 2024 Gartner report, “How to Prepare for Ransomware Attacks”, provides critical insights into the latest tactics used by bad actors and offers practical solutions on how to fortify defenses.
3 min
Gartner
5 Key Insights from the Gartner® Market Guide for Cloud-Native Application Protection Platforms (CNAPP)
The 2024 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP) provides invaluable insights into the latest trends and technologies that are reshaping how companies protect their digital assets.
4 min
Career Development
Brandon Adkins’ Career Journey - Taking Chances and Tackling New Challenges
Brandon Adkins is the Manager of our Threat Intelligence & Detection Engineering (TIDE) team. His career journey spans a variety of roles and teams where he has been able to showcase his technical skills in security.
5 min
Exposure Command
Rapid7 Introduces Exposure Command to Eliminate the Security Visibility Gap
Exposure Command provides 360-degree visibility and enables security teams to pinpoint and extinguish your most critical risks.
2 min
Career Development
Celebrating Excellence: Rapid7 Recognized in Newsweek's Greatest Workplaces in America 2024
In a testament to its commitment to fostering an exceptional workplace environment, Rapid7 is proud to be included in Newsweek's Greatest Workplaces in America for 2024.
2 min
Reports
New Research: The Proliferation of Cellular in IoT
Analysis of Cellular Based Internet of Things (IoT) Technology is a new whitepaper co-authored by Rapid7 principal security researcher Deral Heiland and Thermo Fisher Scientific lead product security researcher Carlota Bindner.
4 min
Emergent Threat Response
VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns
On July 29, Microsoft published threat intelligence on observed exploitation of CVE-2024-37085, an authentication bypass vulnerability in Broadcom VMware ESXi hypervisors that has been used in multiple ransomware campaigns.
4 min
From Top Dogs to Unified Pack
Each day often presents a new set of challenges and responsibilities, particularly as organizations accelerate digital transformation efforts. This means you and your cyber team may find yourselves navigating a complex landscape of multi-cloud environments and evolving compliance requirements.
