2 min
InsightCloudSec
What's New in DivvyCloud by Rapid7: April 2021
This month, we’d like to focus on one key area of change included in this release: the scheduler.
4 min
ICER Reports
Rapid7's 2021 ICER Takeaways: Email Security Among the Fortune 500
We all know and love—or at least begrudgingly rely upon—email. It is a pillar of modern communications, but is unfortunately also highly susceptible to being leveraged as a mechanism for malicious actions, such as spoofing or phishing.
3 min
InsightVM
What’s New in InsightVM: Q1 2021 in Review
Here now is a rundown of new features and functionality launched in Q1 2021 for InsightVM and Insight Cloud. We hope you can begin to leverage these changes to drive success across your organization.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 4/23/21
New session validation enhancements across command shell types verify sessions have been established and are responsive before they can be used. Plus, JSON RPC service improvements, three new modules, and more fixes and enhancements.
5 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 8: Rapid7 Incident Response (Breach) Support
Having the best threat detection methodologies, a streamlined and efficient process for validating threats, and a rock-solid reporting standard may still leave you open to unexpected costs.
3 min
Emergent Threat Response
Active Exploitation of Pulse Connect Secure Zero-Day (CVE-2021-22893)
On Tuesday, FireEye published detailed analysis of multiple threat campaigns targeting Ivanti’s Pulse Connect Secure VPN.
3 min
Cloud Security
The Future is Friction-Free: Drive Innovation With DevOps + SecOps
How can DevOps and IT teams work and innovate in a friction-reduced or—we can all dream—a friction-free way?
3 min
Open Source
Rapid7 and Velociraptor Join Forces
Rapid7 has acquired a digital forensics and incident response (DFIR) framework called Velociraptor.
6 min
Public Policy
Overview of the EU’s draft NIS 2 Directive
The EU Commission proposed revisions to its NIS Directive that would enhance cybersecurity requirements on critical infrastructure-like organizations in the EU. This post provides an overview of the proposed revisions.
4 min
Phishing
How to Turbocharge Your Phishing Response Plan
A quick reaction to a phishing threat can mean the difference between a massive breach or a fast fix.
3 min
Kubernetes Security
Rapid7 Announces Kubernetes Integration General Availability in InsightVM
Rapid7 is excited to announce the general availability of our Kubernetes integration in InsightVM, our vulnerability management tool.
3 min
Threat Intel
Insider-Assisted Attacks Prove Costly for Telecoms
Here are some instances in which telecom companies were breached with the help of an insider.
5 min
Metasploit
Metasploit Wrap-Up: Apr. 16, 2021
New modules for Nagios, Chrome, and Haserl targets, and also many improvements and fixes!
2 min
Emergent Threat Response
Codecov Discloses Supply Chain Compromise
On April 15, code coverage and testing company Codecov announced a supply chain compromise in which a malicious party gained access to their Bash Uploader script and modified it without authorization.
5 min
MDR Vendor Must-Haves, Part 7: Managed Response Actions
Security teams face unprecedented challenges as the threat landscape expands in scope and complexity. Protecting the organization in today’s environment has led to analyst fatigue, with many organizations struggling to respond to both user and host threats in a timely manner.