All Posts

2 min Managed Detection and Response (MDR)

MDR Vendor Must-Haves, Part 3: Ingestion of Other Technology Investments

By the time you’re ready to invest in a Managed Detection and Response (MDR) service, you’ve likely already invested in a number of different security tools aimed at preventing threats and detecting breaches. MDR is a continued investment in this technology, not always a pure replacement.

2 min Emergent Threat Response

SolarWinds Patches Four New Vulnerabilities in Their Orion Platform

SolarWinds released fixes for 4 new vulnerabilities in their Orion platform, the most severe of which is an authenticated RCE flaw due to a JSON deserialization weakness.

3 min Managed Detection and Response (MDR)

MDR Vendor Must-Haves, Part 2: Ingestion of Network Device Data

One area that can offer incredible benefits in a Managed Detection and Response provider is the ingestion of network device data.

5 min Metasploit

Metasploit Wrap-Up: 3/26/21

New Exchange ProxyLogon modules, VMware View Planner RCE, Advantech iView RCE, and more!

3 min Cloud Security

DivvyCloud Adds Support for IAM Analyzer Policy Recommendations

Rapid7 built out support for the IAM Access Analyzer policy recommendations in DivvyCloud within 48 hours of AWS’s announcement.

4 min Detection and Response

Attack vs. Data: What You Need to Know About Threat Hunting

While the definition of threat hunting may be straightforward—proactively hunting for threats—the reality of implementing a threat-hunting program is a bit more complicated, as there are different threat-hunting methodologies to choose from.

4 min Managed Detection and Response (MDR)

Rapid7 Recognized as a Strong Performer in the Inaugural Forrester Wave™ for MDR, Q1 2021

Rapid7 has been included among the top vendors in the inaugural Forrester Wave™: Managed Detection and Response, Q1 2021 and recognized as a Strong Performer.

3 min Managed Detection and Response (MDR)

MDR Vendor Must-Haves, Part 1: Deep Observation of Real-Time Endpoint Data

Assessing Managed Detection and Response (MDR) vendors is no easy task. However, evaluating each based on predetermined tactical prescriptions for what a provider can offer your business can help ensure you are hiring the right fit for you and your team.

18 min Zero-Day

Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange

In recent weeks, there has been quite a lot of reporting on the exploitation of the latest disclosed vulnerabilities in Microsoft’s Exchange Server by an attacker referred to as HAFNIUM.

6 min SOAR

SOC Automation with InsightIDR and InsightConnect

It may not be a surprise that automating your security operations will augment your team’s skills and expertise to detect and respond to threats with super speed.

4 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: Mar. 19, 2021

A local exploit for a Windows Server 2012 DLL hijacking vulnerability, plus a slew of fixes and improvements.

5 min News

F5 Discloses Eight Vulnerabilities—Including Four Critical Ones—in BIG-IP Systems

On March 10, 2021, F5 disclosed eight vulnerabilities, four of which are deemed "critical."

2 min Application Security

Rapid7 Announces Release of New tCell Amazon CloudFront Agent

We are excited to announce tCell’s CloudFront agent, which leverages Lambda@Edge to help push security closer to the “edge” without requiring any code changes to your applications.

2 min Metasploit

Metasploit Wrap-Up: 3/12/21

Three new modules for achieving code execution, a new way to play favorites, and more! Plus a Google Summer of Code announcement!

2 min Research

Introducing the 2020 Vulnerability Intelligence Report: 50 CVEs that Made Headlines in 2020

Our 2020 Vulnerability Intelligence Report examines 50 vulnerabilities from 2020 to highlight exploitation patterns, explore attacker use cases, and offer a practical framework for understanding new threats.