3 min
InsightCloudSec
Can Cloud Security Be Easier Than Complex?
Cloud security is one dish in the larger holiday meal of a company’s entire budget. Fighting for scraps of funding is hard, so it’s important to identify exactly what you need.
2 min
AWS
Rapid7 Integration For AWS Verified Access
Today at re:invent, Amazon Web Services (AWS) unveiled its new AWS Verified Access service, and we are thrilled to announce that InsightIDR — Rapid7’s next-gen SIEM and XDR — will support log ingestion from this new service when it is made generally available.
2 min
AWS
InsightIDR Launches Integration With New AWS Security Data Lake Service
One of the most exciting announcements has to be the launch of Amazon Security Lake. We see a lot of potential for this new service, which is why Rapid7 is proud to announce the immediate availability of an integration between InsightIDR and Security Lake.
3 min
Cloud Infrastructure
Unifying Threat Findings to Elevate Your Runtime Cloud Security
Widespread growth in cloud adoption in recent years has given businesses across industries the ability to transform in new ways, often forcing them to choose between slowing the pace of their innovation or taking on massive amounts of unmanaged risk.
3 min
Cloud Security
Reducing Risk In The Cloud with Agentless Vulnerability Management
In order to gain visibility into vulnerabilities in their public cloud environments, many organizations still rely on agent or network-based scanning technology that was initially built for traditional infrastructure and endpoints.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 11/15/22
2 new modules targeting F5 devices, DuckyScript support, bug fixes, and more
5 min
Cloud Security
Aligning to AWS Foundational Security Best Practices With InsightCloudSec
When an organization is moving their IT infrastructure to the cloud or expanding with net-new investment, the hardest tasks for the security team is to identify the proper security policies and controls to keep their cloud environments secure and the applications and sensitive data they host safe.
3 min
InsightIDR
Search Made Easy: InsightIDR’s Secret Weapon for Efficiency and Efficacy
InsightIDR has lots of features that have enabled my organization to identify and respond more easily to threats. In this blog post, I’m going to share some insight into my favorite – InsightIDR’s Log Search function.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 11/18/22
Pre-authenticated Remote Code Execution in VMware NSX Manager using XStream
(CVE-2021-39144)
There’s nothing quite like a pre-authenticated remote code execution
vulnerability in a piece of enterprise software. This week, community
contributor h00die-gr3y added a module
that targets VMware
NSX Manager using XStream. Due to an unauthenticated endpoint that leverages
XStream for input serialization in VMwa
4 min
InsightCloudSec
Better Cloud Security Shouldn’t Require Bigger Budgets
When security budgets don’t match the pace of the cloud operations they’re tasked with securing, the only thing to do is become an expert in the stretch. It’s hard, and you might currently be under increasing stress to pull it all off.
5 min
Cloud Security
Rapid7 and HashiCorp Partner to Secure Terraform-based Cloud Infrastructure Deployments
In the latest installment in our cloud security “shift-left” blog series, we discuss Rapid7’s recent partnership with HashiCorp, ongoing support for scanning Terraform plans with our IaC security feature, and the recently released integration with Terraform Cloud & Enterprise run tasks.
3 min
Application Security
Rapid7 Takes Home 2 Awards and a Highly Commended Recognition at the 2022 Belfast Telegraph IT Awards
Rapid7 was honored at the Belfast Telegraph's annual IT Awards, Friday, taking home a pair of awards including the coveted “Best Place to Work in IT” in the large company category award, and the “Cyber Security Project of the Year” award.
12 min
Vulnerability Disclosure
CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures
Rapid7 discovered several vulnerabilities and exposures in specific F5 BIG-IP and BIG-IQ devices in August 2022. Since then, members of our research team have worked with the vendor to discuss impact, resolution, and a coordinated response.
4 min
InsightConnect
How to Develop a SOAR Workflow to Automate a Critical Daily Task
In this blog post, I’ll provide an overview of my experience developing a URL Blocking workflow to fit my organization’s specific needs – and perhaps those of your organization as well!
2 min
Emergent Threat Response
CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities
On November 8, 2022, Citrix published Citrix Gateway and Citrix ADC Security
Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516
announcing fixes for three vulnerabilities:
* CVE-2022-27510
“Unauthorized access to Gateway user capabilities”
* CVE-2022-27513