5 min
Patch Tuesday
Patch Tuesday - May 2021
Here we are again with another installment of Patch Tuesday. When compared to
the past few months this one feels a bit light both in severity and number of
vulnerabilities addressed. Microsoft has only released patches for 55 CVEs this
month, less than half of the usual volume, with only 4 of them being scored as
critical. Let's dive into the details.
HTTP Protocol Stack Remote Code Execution Vulnerability - CVE-2021-31166
4 min
Vulnerability Disclosure
Patch Tuesday Dashboard Template Release
Patch Tuesday introduces numerous vulnerabilities and their solutions that apply to many, if not nearly all, devices. Keeping up with the deployment of these patches is often challenging.
4 min
MDR Vendor Must-Haves, Part 10: Included Security Orchestration and Automation
This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.”
3 min
Metasploit
Metasploit Wrap-Up: 5/7/21
New modules that include Active Directory, Chrome, and Micro Focus targets. And we also reached-and-passed our 15,000th PR!!
5 min
DevOps
The Evolution of DevOps in 2021
DevOps has long been a key tool in helping organizations reliably and rapidly deliver systems into production.
6 min
ICER Reports
Rapid7's 2021 ICER Takeaways: Version Complexity Among the Fortune 500
Complexity is the enemy to successful security outcomes. To get a feel for how well-resourced organizations perform in this area, we looked at 3 factors.
6 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 9: Assigned Analyst Pods and Security Program Advisors
This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.”
1 min
ICER Reports
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): ASX 200
Today, we are excited to release the third report in our Industry Cyber-Exposure Report (ICER) series, which digs into cyber-exposure among organizations in Australia’s ASX 200.
4 min
Cloud Security
4 DevOps Challenges to Cloud Security and Compliance—and How IaC Can Help
There are many challenges on the road to the goal of a super-efficient working relationship between DevOps and cloud security. Let’s take a look at 4 of those challenges & how security organizations can leverage Infrastructure-as-Code (IaC) templates to go from a reaction to a prevention culture.
3 min
Kubernetes Security
Kubernetes Security Is Not Container Security
I recently had an interesting discussion with Gianluca Brindisi from Spotify about the differences between Kubernetes security and container security.
5 min
Kubernetes Security
Securing Kubernetes Deployments From Runway to Takeoff
Kubernetes use is rising rapidly—according to a 2019 Cloud Native Computing Foundation (CNCF) survey, 78% of respondents say they use Kubernetes today (58% more respondents than the previous year).
6 min
Career Development
Grow, Develop, and Impact More Than Just Your Career: Software Engineering at Rapid7 Belfast
As an employee-first organization, Rapid7 does its best to support, encourage, and provide resources to employees to ensure they are able to continue progressing in their careers and feel adequately supported in doing so.
3 min
Metasploit
Metasploit Wrap-Up: 4/30/21
New modules for vRealize, Druid, Redis, and more! Also some nice improvements and fixes.
4 min
ICER Reports
Rapid7's 2021 ICER Takeaways: Web Security Among the Fortune 500
There are very few security measures that should be applied to all web applications across the board without further subdividing what specific type of application we are referring to. However, there are a couple that we will examine here.
3 min
Application Security
DevSecOps and the New Scope of Application Development
As expectations of developers change, so too do those of security teams. It’s more of a collective effort than ever as business dependence on applications continues to grow.