Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

We've updated Rapid7’s community resources

Hello. We've evolved our community resources to provide a richer experience. Learn more.
Questions? Contact us.

blog.rapid7.com

Blogs, How-tos, & Research

Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.

Explore the Blog
help.rapid7.com

Docs, Help, & Questions

Help content and documents are now curated to let you get the information you need even faster.

Explore Help

Metasploit Wrap-up

Nine new modules, including a module for Zerologon, a new SOCKS module, some privilege escalations, and another Java deserialization exploit.…

NICER Protocol Deep Dive: Internet Exposure of rsync

In this installment of our NICER Protocol Deep Dive blog series, we take a closer look at internet exposure of rsync.…

[Podcast] How Entrepreneur Christian Wentz Takes On Identity Authentication and Data Integrity One Line of Code at a Time

In our latest episode of Security Nation, we are joined by Christian Wentz, CEO, CTO, founder of Gradient, and multiple Ph.D holder.…

This One Time on a Pen Test: Ain’t No Fence High Enough

In this edition of "This One Time on a Pen Test," we discuss an engagement with for an energy company with a high-fence compound.…

Rapid7 Releases Q2 2020 Quarterly Threat Report

It’s hard to believe it’s already the end of September, and with it comes Rapid7’s Q2 2020 Quarterly Threat Report.…

Define What to Parse From Logs with the Custom Parsing Tool in InsightIDR

In InsightIDR, Rapid7’s SIEM tool, customers use log data to detect malicious activity, prove compliance, and gain visibility across their network.…

Metasploit Wrap-Up

Six new modules this week, and a good group of enhancements and fixes!…

NICER Protocol Deep Dive: Internet Exposure of SMB

In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at internet exposure of SMB.…

A step closer to stronger federal IoT security

The US House passed the IoT Cybersecurity Improvement Act, which would require federal procurement and use of IoT devices to conform to basic security requirements.…

Decentralize Remediation Efforts to Gain More Efficiency with InsightVM

We’re excited to introduce you to two new InsightVM product updates to help you further reduce friction, save time, and gain greater efficiency.…

This One Time on a Pen Test: Outwitting the Vexing VPN

In this edition of "This One Time on a Pen Test," we discuss outwitting the vexing VPN.…

Rapid7 and Snyk Are on the Run(time) with Expanded SCA Capabilities

Earlier this year, Rapid7 and Snyk partnered together with the goal of securing cloud-native apps across the software development lifecycle (SDLC).…

CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know

CVE-2020-1472 is a critical privilege escalation vulnerability that can yield an attacker full takeover of an affected network. Here's what you need to know.…

Vulnerability Remediation vs. Mitigation: What’s the Difference?

In this blog, we dive into better understanding the difference between vulnerability mitigation vs. remediation.…

NICER Protocol Deep Dive: Internet Exposure of FTP/S (TCP/990)

In this installation of our NICER Protocol Deep Dive blog series, we take a look at the internet exposure of FTP/S (TCP/990).…

Never miss a blog

Get the latest stories, expertise, and news about security today.