All Posts

8 min Velociraptor

Velociraptor Version 0.6.7: Better Offline Collection, Encryption, and an Improved NTFS Parser Dig Deeper Than Ever

Rapid7 is excited to announce the release of version 0.6.7 of Velociraptor – an advanced, open-source digital forensics and incident response (DFIR) tool.

3 min Security Operations (SOC)

Powerlifting in the Cybersecurity Skills Gap

If your SOC hasn’t been running smoothly in a while, there’s likely multiple reasons why. But that doesn’t mean there’s nothing you can do about it. An MDR provider could help you weather the talent gap.

3 min InsightCloudSec

Can Cloud Security Be Easier Than Complex?

Cloud security is one dish in the larger holiday meal of a company’s entire budget. Fighting for scraps of funding is hard, so it’s important to identify exactly what you need.

2 min AWS

Rapid7 Integration For AWS Verified Access

Today at re:invent, Amazon Web Services (AWS) unveiled its new AWS Verified Access service, and we are thrilled to announce that InsightIDR — Rapid7’s next-gen SIEM and XDR — will support log ingestion from this new service when it is made generally available.

2 min AWS

InsightIDR Launches Integration With New AWS Security Data Lake Service

One of the most exciting announcements has to be the launch of Amazon Security Lake. We see a lot of potential for this new service, which is why Rapid7 is proud to announce the immediate availability of an integration between InsightIDR and Security Lake.

3 min Cloud Infrastructure

Unifying Threat Findings to Elevate Your Runtime Cloud Security

Widespread growth in cloud adoption in recent years has given businesses across industries the ability to transform in new ways, often forcing them to choose between slowing the pace of their innovation or taking on massive amounts of unmanaged risk.

3 min Cloud Security

Reducing Risk In The Cloud with Agentless Vulnerability Management

In order to gain visibility into vulnerabilities in their public cloud environments, many organizations still rely on agent or network-based scanning technology that was initially built for traditional infrastructure and endpoints.

2 min Metasploit

Metasploit Weekly Wrap-Up: 11/15/22

2 new modules targeting F5 devices, DuckyScript support, bug fixes, and more

5 min Cloud Security

Aligning to AWS Foundational Security Best Practices With InsightCloudSec

When an organization is moving their IT infrastructure to the cloud or expanding with net-new investment, the hardest tasks for the security team is to identify the proper security policies and controls to keep their cloud environments secure and the applications and sensitive data they host safe.

3 min InsightIDR

Search Made Easy: InsightIDR’s Secret Weapon for Efficiency and Efficacy

InsightIDR has lots of features that have enabled my organization to identify and respond more easily to threats. In this blog post, I’m going to share some insight into my favorite – InsightIDR’s Log Search function.

2 min Metasploit

Metasploit Weekly Wrap-Up: 11/18/22

Pre-authenticated Remote Code Execution in VMware NSX Manager using XStream (CVE-2021-39144) There’s nothing quite like a pre-authenticated remote code execution vulnerability in a piece of enterprise software. This week, community contributor h00die-gr3y added a module that targets VMware NSX Manager using XStream. Due to an unauthenticated endpoint that leverages XStream for input serialization in VMwa

4 min InsightCloudSec

Better Cloud Security Shouldn’t Require Bigger Budgets

When security budgets don’t match the pace of the cloud operations they’re tasked with securing, the only thing to do is become an expert in the stretch. It’s hard, and you might currently be under increasing stress to pull it all off.

5 min Cloud Security

Rapid7 and HashiCorp Partner to Secure Terraform-based Cloud Infrastructure Deployments

In the latest installment in our cloud security “shift-left” blog series, we discuss Rapid7’s recent partnership with HashiCorp, ongoing support for scanning Terraform plans with our IaC security feature, and the recently released integration with Terraform Cloud & Enterprise run tasks.

3 min Application Security

Rapid7 Takes Home 2 Awards and a Highly Commended Recognition at the 2022 Belfast Telegraph IT Awards

Rapid7 was honored at the Belfast Telegraph's annual IT Awards, Friday, taking home a pair of awards including the coveted “Best Place to Work in IT” in the large company category award, and the “Cyber Security Project of the Year” award.

12 min Vulnerability Disclosure

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures

Rapid7 discovered several vulnerabilities and exposures in specific F5 BIG-IP and BIG-IQ devices in August 2022. Since then, members of our research team have worked with the vendor to discuss impact, resolution, and a coordinated response.