In this blog post, we provide a high-level overview of vulnerability management and why it’s critical for modern businesses.…
We are thrilled to share that Rapid7 has been recognized as a Strong Performer in The Forrester Wave™: Security Analytics Platforms, Q4 2020.…
In the latest installment of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of Redis.…
Five new modules, and a reminder for the upcoming CTF…
OpenCRX version 4.30 and version 5.0-20200717 suffers from an unverified password change vulnerability, which is an instance of CWE-620.…
Use these insights to help make the right decisions on cloud adoption for your organization.…
In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of the Microsoft SQL Server.…
Two new RCE-capable modules and some good fixes and enhancements!…
It’s time for another Metasploit community CTF! This time around we’re doing a few things differently. Read on for details.…
In the latest edition of our "This One Time On a Pen Test" series, we take a look at an engagement featuring Cross-site request forgery attacks.…
Congress passed a law to secure federal procurement and use of IoT devices, and require contractors to adopt coordinated vulnerability disclosure processes.…
In this blog, we take you on a behind-the-scenes look at the making of our 2020 Under the Hoodie video series.…
In this blog, we address Tesla Backup Gateways and identify key areas where Tesla could improve security and privacy to help customers protect themselves.…
Once upon a time (just a handful of years ago), vulnerability management programs focused solely on servers, running quarterly scans that targeted only critical systems. But that was then, and you can’t afford such a limited view in the now. Truth is, vulnerability exploitation…
Four new modules, including an exploit for SaltStack Salt and an exploit for a now-patched vuln in Metasploit, plus new enhancements and fixes.…
