8 min
Vulnerability Management
Understanding Ubiquiti Discovery Service Exposures
On Jan. 29, the Rapid7 Labs team was informed of a tweet by Jim Troutman indicating that Ubiquiti devices were being exploited and used to conduct denial-of-service attacks using a service on 10001/UDP.
4 min
InsightVM
Did You Remediate That? How to Integrate Vulnerability Remediation Projects with Your IT Infrastructure
Remediation projects in InsightVM enable you to follow a vulnerability remediation task from beginning to end by leveraging automation-assisted patching.
3 min
Research
Cisco RV320/RV325 Router Unauthenticated Configuration Export Vulnerability (CVE-2019-1653): What You Need to Know
Last week, a critical configuration weakness in Cisco® routers was responsibly disclosed on the Full Disclosure mailing list. Here's what you need to know.
2 min
Vulnerability Management
What WannaCry Taught Me About the Benefits of Agents in VM Programs
In the wake of the WannaCry attack, my security team and I learned firsthand why having an agent-based vulnerability management strategy could have helped.
2 min
InsightVM
Did You Remediate That? Take Control of Risk by Knowing Your Top 25 Vulnerabilities
InsightVM's Top 25 report is a great place to start when you want to take control of your overall vulnerability management program.
3 min
InsightVM
How to Use the InsightVM Policy Compliance Status Report to Measure Benchmark Configurations
Reports within InsightVM can help you demonstrate whether your systems stand up against compliance requirements.
3 min
AWS
Rapid7 Partners with AWS Security Hub for Deeper Vulnerability Reporting
Last month, we were thrilled to announce our integration with AWS Security Hub at AWS re:Invent.
5 min
InsightVM
Did You Remediate That? New InsightVM Executive Report Provides Key Details on Team Progress
We have developed the InsightVM Executive Report so that companies can easily report on month-over-month trends in their vulnerability management programs.
2 min
Whiteboard Wednesday
Whiteboard Wednesday: Common Vulnerabilities as Personified by Halloween Costumes
As a security professional, you don’t need a haunted house to feel spooked this Halloween—just start exploring your environment in search of vulnerabilities.
5 min
InsightVM
Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk
Here is a first-hand look at how we quantify the Real Risk Score and how this helps practitioners address the top vulnerabilities in their ecosystems.
3 min
Vulnerability Management
Take a Bite out of the Vulnerability Remediation Backlog with InsightVM
Security teams dealing with expanding networks and increasingly sophisticated attacks can use InsightVM to help stay on top of their vulnerability backlog.
2 min
Patch Tuesday
Patch Tuesday - October 2018
This month's patches from Microsoft include fixes for 50 distinct vulnerabilities.
3 min
Patch Tuesday
Patch Tuesday - September 2018
More than 60 vulnerabilities were addressed by this month's patches, including CVE-2018-15967 (a privilege escalation/information disclosure vulnerability in Adobe Flash Player).
3 min
InsightAppSec
Scan Management with InsightAppSec: There’s More to Application Security than Long Lists of Vulnerabilities
Knowing what you are scanning, how often, and with how much success is vital to knowing your vulnerability data is accurate, up-to-date, and reflects your security position. InsightAppSec can help.
2 min
Patch Tuesday
Patch Tuesday - August 2018
Microsoft's updates this month
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ecb26425-583f-e811-a96f-000d3a33c573]
address over 60 vulnerabilities, 20 of which are classified as Critical. As
usual, most of this month's fixes are browser-related, and nearly half of the
flaws could lead to remote code execution (RCE). Patches for Exchange, SQL
Server, and Microsoft Office were also released.
Two of this month's vulnerabilities have already been seen exploited in th