1 min
Haxmas
Happy HaXmas from the Rapid7 Team!
This year's been a weird one, but we're thrilled that we’re able to keep up our favorite holiday tradition of our annual HaXmas blog series.
4 min
Vulnerability Management
The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices
Based on the assessment of 24 service protocols, Rapid7’s NICER revealed key insights about the current state of the internet.
7 min
Vulnerability Management
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform.
3 min
Metasploit
Metasploit Wrap-Up: 12/11/20
This week's wrap-up covers five new modules (including scanner, execution, and disclosure modules), some good fixes and enhancements, and more!
2 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of etcd
In the latest edition of our NICER Protocol Deep Dive blog series, we break down the internet exposure of etcd.
2 min
InsightVM
New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility
When speaking with customers, we continue to hear that they are looking for more visibility into their vulnerability risk management activities.
5 min
Under the Hoodie
2020 Under the Hoodie Report Reveals Pen Testers’ Most-Loved Vulnerabilities
Understanding the vulnerabilities that pen testers rely on will help you make sure your organization is prepared to patch particular vulnerabilities.
3 min
Metasploit
Congrats to the Winners of the 2020 December Metasploit Community CTF
Thank you all that participated in the 2020 December Metasploit community CTF
! The four
day CTF was well received by the community, with 874 teams and 1903 users
registered! We’ve included the high-level stats and the competition winners
below. If you played the CTF and want to let the Metasploit team know which
challenges you found exhilarating, interesting, or infuriating (in a good way,
of course), we have a feedback survey
4 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of memcached
In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of memcached.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 12/4/20
It's CTF week(end)! Plus, steal files from Apache Tomcat servers thanks to a new Ghostcat exploit, and dump process memory with a new post module that leverages Avast AV's built-in AvDump utility.
6 min
InsightVM
How to Create an OS-Based Policy Scanning Workflow in InsightVM
In this blog, we provide a step-by-step walkthrough of how to create an OS-based policy scanning workflow in InsightVM.
2 min
InsightIDR
Rapid7’s InsightIDR Introduces Integration with Cybereason
As InsightIDR continues to help teams save time and drive more effective detection and response, we’re excited to announce that customers can now integrate with Cybereason
6 min
Cloud Security
A Holistic Approach to Kubernetes Security and Compliance
Taking a holistic approach to security and risk is essential for any organization that uses Kubernetes or another cloud-based container platform.
3 min
Vulnerability Management
Threat and Vulnerability Management Best Practices
In this blog post, we provide a high-level overview of vulnerability management and why it’s critical for modern businesses.
4 min
InsightIDR
Rapid7 Recognized as a Strong Performer Among Security Analytics Providers by Leading Industry Report
We are thrilled to share that Rapid7 has been recognized as a Strong Performer in The Forrester Wave™: Security Analytics Platforms, Q4 2020.