8 min
Vulnerability Disclosure
Shoring Up the Defenses Together: 2018Q2 and Q3 Wrap-Up
Today (October 29, 2018) we are sharing several vulnerabilities that have been fixed in Rapid7 products and supporting services.
4 min
Metasploit
Metasploit Wrapup: 10/26/18
We got to hit the build button three times this week. It's not something that we
normally do, since the Metasploit release each week triggers automatically. But
it's been such a week of surprise vulnerabilities and improvements that it made
sense to get a few extra builds out the door. So, Metasploit this week jumps
from 4.14.18 to 4.17.21. Look for it during your next Metasploit romp.
Exploit wrapup
While the excitement around libssl CVE-2018-10933
2 min
Threat Intel
Hacking as a Service: How This New Offering Is Changing the Threat Landscape
Just like other industries have adopted the as-a-service model, cyber threat actors are doing the same.
3 min
Security Operations
Rapid7 Leads All 'Strong Performers' in 2018 Forrester Wave for Emerging MSSPs
We’re proud to be recognized in the Forrester Wave as the leader in the “Strong Performer” category and to score second highest overall current offering for our Managed Security Services.
5 min
InsightVM
Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk
Here is a first-hand look at how we quantify the Real Risk Score and how this helps practitioners address the top vulnerabilities in their ecosystems.
3 min
Penetration Testing
7 Funny and Punny Halloween Costume Ideas for Tech and Cybersecurity Pros
Stuck on what to be this year? Here are some of our favorite Halloween costume ideas for tech and cybersecurity professionals.
1 min
Metasploit Weekly Wrapup
Metasploit Wrapup: 10/19/18
A brand new Solaris module, improved Struts module, and the latest improvements.
3 min
Cybersecurity
National Cybersecurity Awareness Month: Tips for Improving Your Personal Pa55w0rd! Management
It's National Cybersecurity Awareness Month, which means it's a great time to chat about why you should consider a password manager to stay secure.
3 min
Vulnerability Management
Take a Bite out of the Vulnerability Remediation Backlog with InsightVM
Security teams dealing with expanding networks and increasingly sophisticated attacks can use InsightVM to help stay on top of their vulnerability backlog.
17 min
InsightIDR
Universal Event Formats in InsightIDR: A Step-by-Step NXLog Guide
Follow this step-by-step walkthrough to use NXLog to transform an ingress authentication log into UEF.
5 min
AWS
How to Conduct DNS Reconnaissance for $.02 Using Rapid7 Open Data and AWS
Rapid7 is happy to announce that a subset of data from Project Sonar is now available on Amazon Web Services (AWS).
1 min
Application Security
Rapid7 Acquires Leading Web Application Security Provider, tCell
Today, Rapid7 announced the acquisition of tCell, a leading provider of web application threat defense and monitoring. We are so excited to have tCell join the Rapid7 family!
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup: 10/12/18
New evasion modules in Metasploit Framework, highlights from our Town Hall at DerbyCon VIII, and the last week's improvements and module additions.
4 min
Application Security
How to Defend Against Magecart Using CSP
In this blog, we explain how you can defend against Magecart credit card skimming attacks by using HTTP's Content Security Policy.
2 min
User Behavior Analytics
Universal Event Formats Q&A: Apply User Behavior Analytics to More of Your Data
Rapid7 is proud to announce a new way to collect log data: Universal Event Formats. Here is a quick Q&A to give you the lowdown.