2 min
Metasploit Weekly Wrapup
Metasploit Wrapup 11/16/18
The Malicious Git HTTP Server For CVE-2018-17456 module by timwr exploits a vulnerability in Git that can cause arbitrary code execution when a user clones a malicious repository using commands such as git clone --recurse-submodules and git submodule update.
3 min
Incident Detection
5 Tips For Monitoring Network Traffic on Your Network
Monitoring traffic on your network is important if you want to keep it secure. These five tips will help you get the most out of your (NTA) tool.
5 min
User Behavior Analytics
[Q&A] Why Every Threat Detection Strategy Needs User Behavior Analytics
VP of Product Sam Adams explains how UBA works and how it’s evolved over the years to become a core part of threat detection and response strategies.
6 min
InsightIDR
Rolling with Your Logs, Part 2: Advanced Mode Searches
In the Part 2 of this three-part series on InsightIDR Log Search, we will cover three concepts: parsed logs, groupby function, and log search operations.
14 min
AWS
Automate Insight Agent Deployment in AWS
Hello, fellow nerds! Today, I am going to walk you through deploying the Rapid7 Insight Agent in your AWS environment(s).
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup 11/9/18
Now in Framework: Exploit for jQuery File Upload plugin vuln, two new post modules to exfil images and texts from compromised iOS devices. Plus, this year's community CTF.
3 min
Healthcare Security
Top 5 Cybersecurity Threats Healthcare Organizations Face
Looking to protect your healthcare organization from cyber-threats? Here are the top five threats to look out for and tips on how to outsmart attackers.
4 min
InsightIDR
Rolling with Your Logs, Part 1: Your Guide to Log Search in InsightIDR
In the first installment of this series, we'll cover the three most important basics of log search, then run through a few common Simple Mode searches.
3 min
Metasploit
Announcing the 2018 Metasploit Community CTF
Two targets, three days, and a thousand teams: Put your skills to the test for a chance to win prizes and bragging rights in Metasploit’s 2018 community CTF.
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup: 11/2/18
Today marks the 30th anniversary of the Morris worm. We were hit by a wave of nostalgia, so here's a little history and a module-trip down memory lane courtesy of wvu.
4 min
Public Policy
Expanded Protections for Security Researchers Under DMCA Sec. 1201
The Library of Congress announced that it would renew and expand legal protections for security testing under Section 1201 of the Digital Millennium Copyright Act (DMCA).
3 min
Automation and Orchestration
Three Expensive Security Operations Costs and How to Minimize Them with SOAR
With the release of our Security Orchestration and Automation ROI Calculator, here are the three areas where companies spend the most resources on security.
5 min
Public Policy
Prioritizing the Fundamentals of Coordinated Vulnerability Disclosure
In this post, we aim to distinguish between three broad flavors of CVD processes based on authorization, incentives, and resources required. We also urge wider adoption of foundational processes before moving to more advanced and resource-intensive processes.
4 min
Managed Detection and Response (MDR)
A Day in the Life of a Rapid7 SOC Analyst
Today, we are diving into a day in the life of a Rapid7 security operations center (SOC) analyst, specifically around threat detection and response.
2 min
Whiteboard Wednesday
Whiteboard Wednesday: Common Vulnerabilities as Personified by Halloween Costumes
As a security professional, you don’t need a haunted house to feel spooked this Halloween—just start exploring your environment in search of vulnerabilities.