All Posts

NICER Protocol Deep Dive: Internet Exposure of DNS

In this edition of our NICER Protocol Deep Dive blog series, we discuss the internet exposure of DNS.

Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity

Let’s take a look at some key insights on current industry efforts to more closely integrate DevOps and SecOps—and how you can plot your best path forward.

3 min IoT

HaXmas Hardware Hacking

This HaXmas, I decided to dig around a little in Rapid7's library of IoT investigations that never really went anywhere, just to see which tools were used.

3 min Metasploit

Metasploit 2020 Wrap-Up

2020 was certainly an interesting year - let’s take a look at what it meant for Metasploit.

4 min Research

Rapid7 Labs’ 2020 Naughty List Summary Report to Santa

Your dutiful elves here at Rapid7 Labs have compiled a list of the naughty country networks being used to launch cyberattacks across the globe.

8 min Haxmas

Metasploit Tips and Tricks for HaXmas 2020

For this year's HaXmas, we're giving the gift of Metasploit knowledge!

5 min Security Strategy

UPnP With a Holiday Cheer

For today’s discussion, this blog post will only cover the port forwarding services and will also share a Python script you can use to start examining this service.

3 min InsightVM

Set New InsightVM Goals and Share with Your Team for Increased Visibility and More Efficient Execution

Since 2018, thousands of enterprises have utilized InsightVM’s Goals and SLAs feature to build their organization-specific security goals.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 12/18/20

Exploits for Oracle Solaris CVE-2020-14871 and Windows 7 CVE-2020-1054, plus enhancements and bug fixes for Railgun and msfdb init. Happy HaXmas!

4 min InsightIDR

What’s New in InsightIDR: Q4 2020 in Review

As we near the end of 2020, we wanted to offer a closer look at some of the recent updates and releases in InsightIDR from Q4 2020.

3 min Threat Intel

Sending the All-Clear Signal: The Implications of WhatsApp’s New Data Privacy Policy

Popular messaging app WhatsApp announced new data privacy policy changes set to debut on February 8, much to the chagrin of its massive user base.

3 min Threat Intel

3 Security Regulations Automotive Companies Need to Know

A Rapid7 research report breaking down the cyber threat landscape in the automotive industry shows cyberattacks in the sector have risen rapidly.

3 min InsightVM

How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM

In this blog, we will be focusing on a simple use case that enables your organization to achieve greater visibility into your policy customization process.

1 min Haxmas

Happy HaXmas from the Rapid7 Team!

This year's been a weird one, but we're thrilled that we’re able to keep up our favorite holiday tradition of our annual HaXmas blog series.

4 min Vulnerability Management

The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices

Based on the assessment of 24 service protocols, Rapid7’s NICER revealed key insights about the current state of the internet.