5 min
Vulnerability Management
Reduce False Positive Vulnerabilities by Up To 22%
Today, we discuss how to measurably reduce false positive vulnerabilities so you can reallocate your team's time and resources.
2 min
Vulnerability Management
Rapid7 Named a March 2020 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment
The Rapid7 team is excited to announce that we have been recognized as a March 2020 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment.
2 min
Vulnerability Management
Active Exploitation of Unpatched Windows Font Parsing Vulnerability
Rapid7 analysis and customer guidance for a pair of unpatched font parsing vulnerabilities in multiple versions of Microsoft Windows (ADV200006).
5 min
Vulnerability Management
Redefining How to Measure the Success of Your Vulnerability Management Program
In this post, we’ll discuss which vulnerability risk management metrics matter and which ones don’t, and how to communicate them effectively.
4 min
Vulnerability Management
How to Understand the TCO and ROI of Your Vulnerability Management Program
In this blog, we discuss the total cost of ownership (TCO) compared to the potential return on investment (ROI) of your Vulnerability Management program.
3 min
Risk Management
CVE-2020-0796: Microsoft SMBv3 Remote Code Execution Vulnerability Analysis
Rapid7 analysis and exposure data on CVE-2020-0796, a critical remote code execution vulnerability in Microsoft's SMBv3 protocol.
2 min
Vulnerability Management
Patch Tuesday - March 2020
Let's start off talking about CVE-2020-0688
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688]
from last month -- the Microsoft Exchange Validation Key RCE vulnerability. At
the time it was published February 11, 2020, the vulnerability had not seen
active exploitation. As of March 9, 2020, there were increasing reports of
activity
[https://www.zdnet.com/article/multiple-nation-state-groups-are-hacking-microsoft-exchange-servers/]
happening on unpatched Exchange
3 min
Vulnerability Management
How to Improve Vulnerability Patching Efficiency through Automation
In this blog, we discuss how automation can improve your security team's patching efficiency.
8 min
InsightVM
ServiceNow CMDB Asset Import Using the InsightVM Integration for ServiceNow CMDB
This is part two of our series covering the recently released InsightVM Integration for ServiceNow CMDB application available on the ServiceNow Platform.
4 min
InsightAppSec
InsightVM + InsightAppSec: A Love Story
Today, we take a moment to appreciate how two of our products, InsightVM and InsightAppSec, work together to secure the entire tech stack for our customers.
4 min
Cloud Security
How to Handle Misconfigurations in the Cloud
In part three of our four-part series on security in the cloud, we will cover how to handle misconfigurations in the cloud.
3 min
Patch Tuesday
Patch Tuesday - February 2020
A relatively modest 99-vulnerability February Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Feb]
has arrived with a fix for the Internet Explorer 0-day CVE-2020-0674
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674]
(originally ADV200001
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200001])
announced back on January 17. Fortunately, that is the only vulnerability
reported this month th
2 min
Vulnerability Management
Rapid7 Analysis and Guidance: CDPwn (CVE-2020-3118)
This blog focuses on CVE-2020-3118, which Rapid7 considers to be the most severe and important of the CDPwn vulnerability group.
4 min
AWS
How to Identify, Prioritize and Remediate Vulnerabilities in the Cloud
In part two of our series on security in the cloud, we’ll discuss how to detect, prioritize, and remediate vulnerabilities that you find in your cloud environment.
3 min
Vulnerability Management
How to Measure the ROI of Your Vulnerability Risk Management Solution
In this blog, we discuss the seven key criteria you should consider when picking and measuring the efficacy of a vulnerability management solution.