4 min
Vulnerability Management
InsightVM Release Update: Let’s Focus on Remediation for Just a Minute
We’re pleased to release two InsightVM updates that are aimed at not only improving VM program success but also reducing the effort to get you there.
7 min
Vulnerability Management
Patch Tuesday - July 2022
One 0-day vulnerability, four Critical RCEs, and a whole bunch of fixes for Azure Site Recovery.
5 min
Security Strategy
How to Build and Enable a Cyber Target Operating Model
In a recent webinar, Rapid7's EMEA CTO Jason Hart explained the journey to a targeted operating cybersecurity model.
6 min
Patch Tuesday
Patch Tuesday - June 2022
Patches for Follina, more NFS and LDAP vulnerabilities, and the beginning of the end for IE11.
4 min
Vulnerability Management
The Hidden Harm of Silent Patches
Silent patches limit who understands how to exploit a vulnerability, which sounds like a great plan — but there's a catch.
7 min
Vulnerability Management
Patch Tuesday - May 2022
This month is par for the course in terms of both number and severity of vulnerabilities being patched by Microsoft. There is one 0-day this month: CVE-2022-26925, a Spoofing vulnerability in the Windows Local Security Authority (LSA) subsystem.
5 min
Vulnerability Management
How to Strategically Scale Vendor Management and Supply Chain Security
Here are simple changes that can help you provide more impactful supply chain security guidance and controls to decrease risk.
5 min
Vulnerability Management
What's New in InsightVM and Nexpose: Q1 2022 in Review
The product updates our vulnerability management (VM) team has made to InsightVM and Nexpose in the last quarter will empower you to stay in charge — not the vulnerabilities.
4 min
Emergent Threat Response
CVE-2022-28810: ManageEngine ADSelfService Plus Authenticated Command Execution (Fixed)
On April 9, ManageEngine fixed CVE-2022-28810 with the release of ADSelfService Plus Build 6122.
11 min
Vulnerability Management
Patch Tuesday - April 2022
From Defender to Windows, Office to Azure, this month’s Patch Tuesday has a large swath of Microsoft’s portfolio getting vulnerabilities fixed. 119 CVEs were addressed today, not including the 26 Chromium vulnerabilities that were fixed in the Edge browser.
3 min
Application Security
Securing Your Applications Against Spring4Shell (CVE-2022-22965)
In this blog, we wanted to share some recent product enhancements across our application security portfolio to help our customers with easy ways to test and secure their apps against Spring4Shell.
5 min
Ransomware
4 Fallacies That Keep SMBs Vulnerable to Ransomware, Pt. 2
In our second blog in this two-part series, Datto Inc. CISO Ryan Weeks outlines the third and fourth fallacies that perpetuate ransomware risk for SMBs.
4 min
Research
Analyzing the Attack Landscape: Rapid7’s 2021 Vulnerability Intelligence Report
Rapid7’s 2021 Vulnerability Intelligence Report provides a landscape view and expert analysis of critical vulnerabilities and threats.
5 min
Ransomware
4 Fallacies That Keep SMBs Vulnerable to Ransomware, Pt. 1
In this two-part blog series, we will present four common mistakes SMBs make when thinking about ransomware risk.
4 min
Vulnerability Management
The VM Lifecycle: How We Got Here, and Where We’re Going
In this post, we explore the concept of a vulnerability management lifecycle, providing practical guidance and definitions.