All Posts

Metasploit Wrap-Up: 2/28/20

Android Binder UAF, OpenNetAdmin RCE, and a slew of improvements, including colorized HttpTrace output and a better debugging experience for developers.

3 min Vulnerability Management

How to Improve Vulnerability Patching Efficiency through Automation

In this blog, we discuss how automation can improve your security team's patching efficiency.

5 min Security Operations

How to Define Business Value for Security Programs

Today, we're evaluating the categorization of Detection and Response program outcomes and Attack Surface Management outcomes uncovered by Rapid7's UX team.

3 min Managed Detection and Response (MDR)

How MDR SOC Customer Tony Hamil Leverages the Automation of InsightConnect

Recently, Tony Hamil spoke with us about how InsightConnect, Rapid7’s SOAR solution, enhances and goes beyond the capabilities of the MDR SOC.

1 min

Welcome to Rapid7's Extension Forum

Rapid7 is excited to announce the launch of Rapid7 Discuss, a forum intended to serve as a home for analysts, developers, and security practitioners alike.

3 min SOAR

Rapid7 Named 2019 Global SOAR Company of the Year by Frost & Sullivan

We are thrilled to announce that Frost & Sullivan has named Rapid7 as the Global SOAR Company of the Year after analyzing InsightConnect.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 2/21/20

Long live copy and paste Adam Galway enhanced the set PAYLOAD command to strip the /payload/, payload/, and / prefixes from a payload name in an effort to improve the user experience while configuring an exploit's payload. You can see the new behavior below! msf5 exploit(windows/smb/ms17_010_eternalblue) > set payload /payload/windows/x64/meterpreter/reverse_tcp payload => windows/x64/meterpreter/reverse_tcp msf5 exploit(windows/smb/ms

4 min InsightIDR

Rapid7 Named a Leader in Gartner Magic Quadrant for Security Information and Event Management (SIEM)

Rapid7 is thrilled to be recognized as a Leader in the 2020 Gartner Magic Quadrant for Security Information and Event Management (SIEM).

2 min InsightAppSec

Dig Deeper in InsightAppSec with New Custom Dashboards Feature

To give customers more control over what types of data appear within InsightAppSec, we are pleased to announce our new custom dashboards feature.

8 min InsightVM

ServiceNow CMDB Asset Import Using the InsightVM Integration for ServiceNow CMDB

This is part two of our series covering the recently released InsightVM Integration for ServiceNow CMDB application available on the ServiceNow Platform.

5 min Public Policy

Hackers On The Hill - Slides and recap on cybersecurity policy

Recap of a presentation on the state of public policy related to cybersecurity and hacking from Hackers On The Hill 2020.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 2/14/20

Ricoh Privilege Escalation No ink? No problem. Here’s some SYSTEM access. A new module by our own space-r7 has been added to Metasploit Framework this week that adds a privilege escalation exploit for various Ricoh printer drivers on Windows systems. This module takes advantage of CVE-2019-19363 by overwriting th

4 min InsightAppSec

InsightVM + InsightAppSec: A Love Story

Today, we take a moment to appreciate how two of our products, InsightVM and InsightAppSec, work together to secure the entire tech stack for our customers.

5 min Penetration Testing

Ask a Pen Tester Q&A, Part 2: Everything You Need to Know About the Art of Penetration Testing

We sat down with our own penetration testers to answer some of your questions about what exactly pen testing entails.

4 min Cloud Security

How to Handle Misconfigurations in the Cloud

In part three of our four-part series on security in the cloud, we will cover how to handle misconfigurations in the cloud.