3 min
Detection and Response
2021 Detection and Response Planning, Part 3: Why 2021 Is the Year for SOC Automation
In this third installment of our series around 2021 security planning, we’re focused on SOC automation.
18 min
InsightVM
Scan Template Best Practices in InsightVM
This blog post will give you a ballpark best practice that applies to the majority of environments, as well as some descriptions that outline the thought process, math, and reasoning.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/23/20
A bug fix for EternalBlue on Metasploit 6, four new modules, and a bunch of enhancements.
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of Remote Desktop (RDP)
In this edition of our NICER Protocol Deep Dive blog series, we break down the internet exposure of remote desktop (RDP).
2 min
Application Security
What’s New in InsightAppSec and tCell: Q3 2020 in Review
This blog recaps some of the latest and greatest ways to leverage Rapid7’s appsec technologies to get time back in your days.
1 min
Penetration Testing
This One Time on a Pen Test: Thanks for Sharing Your Wi-Fi
In this iteration of our "This One Time on a Pen Test" series, our client was a private equity company, and the task was to do an onsite wireless pen test from the lobby outside their office.
9 min
Vulnerability Disclosure
Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities
Today, we're announcing a coordinated vulnerability disclosure on a set of address bar spoofing vulnerabilities that affect a number of mobile browsers.
5 min
Windows
Are You Still Running End-of-Life Windows Servers?
Windows Server 2008 and 2008 R2 reached their end of life (EOL) on Jan. 14, 2020, but what does that mean in practice?
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of IMAP and POP
In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of IMAP and POP.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/16/20
Hacktoberfest 2020 and wisdom from around the Metasploit water cooler. Keep an eye out for more info on the next Metasploit community CTF (coming soon).
1 min
InsightVM
Fewer False Alarms, Faster Reporting: InsightVM Introduces New One-Click Fix For False Positives
Let’s talk false positives. They’re frustrating and faulty to anyone in security. The good news? We’ve added even more ways to reduce the noise they cause.
3 min
InsightIDR
Introducing Enhanced Endpoint Telemetry (EET) in InsightIDR
Rapid7 is excited to announce Enhanced Endpoint Telemetry (EET) in our SIEM, InsightIDR.
2 min
Cloud Security
Heartland Dental’s Ambitions Land Them in the Cloud
We sat down with Heartland Dental to talk about why they chose Rapid7, how quickly they’re expanding, and why it’s time to shift services to the cloud.
3 min
Vulnerability Management
There Goes The Neighborhood: Dealing With CVE-2020-16898 (and CVE-2020-1656) (aka "Bad Neighbor")
Microsoft released a patch for BSoD + RCE CVE-2020-16898 ("Bad Neighbor") in the October 2020 Patch Tuesday vulnerability disclosures along with Juniper releasing CVE-2020-1656 the same week.
5 min
Detection and Response
2021 Detection and Response Planning, Part 2: Driving SOC Efficiency With a Detections-First Approach to SIEM
In this installment of our security planning series, we’ll explore the importance of reliable detections to drive an efficient security program forward.