4 min
Vulnerability Management
What’s New in InsightVM and Nexpose: Q2 2023 in Review
In Q2, InsightVM and Nexpose got an improved UI for the Console, custom policy for Agent-Based assessment, a new dashboard card, and more.
2 min
MSSP
Rapid7 Solutions for Partners
Rapid7's unified security operations technology platform makes it easy for MSSPs to build services around an array of security solutions.
3 min
Attack Surface Security
The Japanese Threat Landscape: A Report on Cyber Threats in the Third Largest Economy on Earth
In this new report, Rapid7 analyzes Japan’s threat landscape and some of the largest cyber concerns affecting Japanese organizations.
1 min
Cloud Security
Standardizing SaaS Data to Drive Greater Cloud Security Efficacy
We are excited to announce availability of AWS AppFabric integration for InsightIDR. AWS AppFabric normalizes application data into the OCSF format.
3 min
Cloud Security
Uncover and Remediate Toxic Combinations with Attack Path Analysis
Attack Path Analysis enables users to quickly identify potential avenues that bad actors could use to access and navigate your cloud environment.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 6/23/23
I like to MOVEit, MOVEit, We like to MOVEit!
Party hard just like it's Mardi Gras! bwatters-r7
delivered the dance moves this week with a
masterful performance. The windows/http/moveit_cve_2023_34362 module is
available for all your party needs, taking advantage of CVE-2023-34362, this
module gets into the MOVEit database and nets shells to help you "Keep on
jumpin' off the floor"!
New modul
22 min
Vulnerability Disclosure
Multiple Vulnerabilities in Fortra Globalscape EFT Administration Server [FIXED]
Rapid7 has uncovered four issues in Fortra Globalscape EFT, the worst of which can lead to remote code execution.
6 min
Attack Surface Security
Cyber Asset Attack Surface Management 101
CAASM is intended to be an authoritative source of asset information complete with ownership, network, and business context for IT and security teams.
5 min
Metasploit
Metasploit Weekly Wrap-Up: Jun. 16, 2023
Metasploit T-Shirt Design Contest
In honor of Metasploit's 20th anniversary, Rapid7 is launching special edition
t-shirts - and we're inviting members of our community to have a hand in its
creation. The contest winner will have their design featured on the shirts,
which will then be available to pick up at Black Hat 2023.
We will be accepting submissions from now through June 30! Contest details,
design guidelines, and submission instructions here
3 min
Emergent Threat Response
CVE-2023-34362: MOVEit Vulnerability Timeline of Events
Rapid7 continues to track the impact of CVE-2023-34362. We’ve put together a timeline of events to date for your reference.
10 min
Vulnerability Management
Patch Tuesday - June 2023
No zero-day vulns this month. PGM & .NET/Visual Studio critical RCEs. SharePoint EoP. Exchange RCEs.
2 min
Emergent Threat Response
CVE-2023-27997: Critical Fortinet Fortigate Remote Code Execution Vulnerability
Rapid7 is tracking CVE-2023-27997, a purportedly critical remote code execution (RCE) vulnerability in Fortigate SSL VPN firewalls.
3 min
Metasploit
Metasploit Weekly Wrap-Up: Jun. 9, 2023
MOVEit
It has been a busy few weeks in the security space; the MOVEit
vulnerability filling our news feeds with dancing lemurs and a Barracuda
6 min
Application Security
OWASP TOP 10 API Security Risks: 2023
The OWASP Top 10 API Security Risks is a list of the highest priority API based threats in 2023. In this blog, we detail each item on the list.
3 min
Cloud Security
Detect and Prioritize Identity-Related Cloud Risk with InsightCloudSec
We are pleased to introduce our next advancement of identity-related risk management and remediation in Rapid7's InsightCloudSec: Identity Analysis.