4 min
Managed Detection and Response (MDR)
The Empty SOC Shop: Where Has All the Talent Gone?
Here's a closer look at some strategies you can use to address churn and staffing shortages in your security operations center (SOC).
3 min
Vulnerability Management
What’s New in InsightVM and Nexpose: Q3 2022 in Review
Let’s take a look at some of the key releases in InsightVM and Nexpose from Q3 2022.
4 min
SIEM
How to Deploy a SIEM That Actually Works
In this guest post, Rapid7 customer Robert Holzer shares three critical steps for a successful SIEM deployment.
4 min
Metasploit
Metasploit Weekly Wrap-Up: 9/23/22
Have you built out that awesome media room?
If your guilty pleasures include using a mobile device to make your home entertainment system WOW your guests, you might be using Unified Remote. I hope you are extra cautious about what devices you let on that WiFi network. A prolific community member h00die added a module this week that uses a recently published vulnerability from H4RK3NZ0 to leverage an unprot
5 min
Threat Intel
Threat Intel Enhances Rapid7 XDR With Improved Visibility and Context
After the one-year milestone of Rapid7’s acquisition of IntSights, the added value threat intelligence brings to our product portfolio is unmistakable.
5 min
Detection and Response
Prioritizing XDR in 2023: Stronger Detection and Response With Less Complexity
Should your team adopt XDR, and if yes, how do you evaluate vendors to determine the best approach? This post takes a closer look.
5 min
SOAR
How to Accelerate Your SOAR Program to Full Speed in Less Than a Year
Here are some reflections and advice about setting up a SOAR program, through the lens of one practitioner's successful and innovative year.
2 min
Emergent Threat Response
CVE-2022-36804: Easily Exploitable Vulnerability in Atlassian Bitbucket Server and Data Center
On August 24, 2022, Atlassian published an advisory for Bitbucket Server and Data Center alerting users to CVE-2022-36804.
5 min
Metasploit
Metasploit Weekly Wrap-Up: Sep. 16, 2022
BYOS: Bring your own stager
We try hard to make sure we have a great choice of fully-functional payloads to
choose from, but sometimes you might want to “branch” out on your own, and if
that’s the case we’ve got you covered. In an attempt to make Metasploit play
well with others, we’ve introduced a brand new payload type: “custom.” “Custom”
payloads use Metasploit stagers to build a stager that will stage whatever
shellcode you send it.
Got a third-party payload you want to run like Sliver or a
3 min
Vulnerability Management
The 2022 SANS Top New Attacks and Threats Report Is In, and It's Required Reading
The latest Top New Attacks and Threat Report from the cybersecurity experts at SANS is here — and the findings are critical for security teams.
7 min
Vulnerability Management
Patch Tuesday - September 2022
In this month's Patch Tuesday, we cover the 79 CVEs, including a zero-day privilege escalation, patched by Microsoft this month.
5 min
SOAR
Grey Time: The Hidden Cost of Incident Response
The time cost of incident response for security teams may be greater – and more complex – than we’ve been assuming.
8 min
Vulnerability Management
Getting the most out of your InsightVM console
Here are some of the most common improvements to help you get the most out of your InsightVM console in 2024.
3 min
Metasploit
Metasploit Weekly Wrap-Up: 9/9/22
Authenticated command injection vulnerability of Cisco ASA-X with FirePOWER Services:
jbaines-r7 added a new module that exploits an authenticated command injection vulnerability CVE-2022-20828 of Cisco ASA-X with FirePOWER Services. This vulnerability affects all Cisco ASA appliances that support ASA FirePOWER module. Note that, although a patch has been added to most recent ASA FirePOWER mod
4 min
Cloud Security
Integrating Cloud Security With DevOps and CI/CD Tools
In this post, we dive into a key aspect of our approach: integrating cloud security with developer and DevOps tooling.