Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

We've updated Rapid7’s community resources

Hello. We've evolved our community resources to provide a richer experience. Learn more.
Questions? Contact us.

blog.rapid7.com

Blogs, How-tos, & Research

Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.

Explore the Blog
help.rapid7.com

Docs, Help, & Questions

Help content and documents are now curated to let you get the information you need even faster.

Explore Help

Patch Tuesday - August 2020

120 Vulnerabilities Patched in Microsoft's August 2020 Update Tuesday (2020-Aug Patch Tuesday)August 2020 brings along patches for 120 vulnerabilities within the standard set of Microsoft products (Windows, Office, Browsers, and Developer Tools such as .NET Framework, ASP.NET, and Visual Studio).  Among the crowd…

Rapid7 Named a Leader in the 2020 Forrester Wave™ for Midsize Managed Security Services Providers, Q3 2020

Rapid7 is thrilled to be named a Leader in The Forrester Wave™: Midsize Managed Security Services Providers, Q3 2020!…

What’s New in InsightVM: H1 2020 in Review

Throughout the first half of the year, we released updates and features to help security teams work more effectively and efficiently in InsightVM.…

Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 2 Sessions

Our Rapid7 experts attended another day of incredible talks, and have plenty of key takeaways and insights to share about their Virtual Vegas sessions.…

Metasploit Wrap-Up

Metasploit 6 initial features and active development, the 2020 open-source security meetup (OSSM), four new modules, and the longest list of enhancements and fixes we've ever written in one sitting.…

Rapid7 tCell now supports Microsoft Agents on 32-Bit

We’re excited to share that over the past few weeks, we’ve released support for 32-bit applications for our .NET, .NET Core, and IIS agents.…

Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 1 Sessions

Even from home, it can be tough to catch what you want to see at Black Hat, so we had our experts do the work for you as part of our Virtual Vegas event.…

Metasploit 6 Now Under Active Development

The Metasploit team announces active development of Metasploit Framework 6. Initial features include end-to-end encryption of Meterpreter communications, SMBv3 client support, and a new polymorphic payload generation routine for Windows shellcode.…

InsightIDR Now Connects to Zoom for Easy Monitoring

Zoom adoption has skyrocketed with spikes in remote working, but web application security needs to be a top priority to avoid disruptions in collaboration.…

Metasploit Wrap-Up

SharePoint DataSet/DataTable deserialization First up we have an exploit from Spencer McIntyre (@zeroSteiner) for CVE-2020-1147, a deserialization vulnerability in SharePoint instances that was patched by Microsoft on July 14th 2020 and which has been getting quite a bit of attention in the news lately.…

Open Source Security Meetup (OSSM): Virtual Edition

The Rapid7 Metasploit team will be hosting our annual Open Source Security Meetup (OSSM) as a virtual event Thursday, August 6th!…

Cloud Best Practices Every Security Professional Should Know

In part one of this series on the cloud and cloud security for security professionals, we dove into everything you’ve ever wanted to know about the cloud.…

Remote Code Execution Risks in Secomea, Moxa, and HMS eWon ICS VPN Vulnerabilities: What You Need to Know

On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across products of three industrial control system (ICS) vendors’ — HMS, Secomea, and Moxa — remote access technologies.…

Rapid7 statement on privacy and status of EU-US data transfers post-Schrems II

On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield in the Schrems II case (also known as Data Protection Commissioner v. Facebook Ireland and Maximillian Schrems). Here is our response.…

Joe FitzPatrick on the Future of Hardware Security Training Sessions

On this Security Nation episode, Joe FitzPatrick, a lead researcher at securinghardware.com, discusses what it takes to run a successful hardware training session.…

Never miss a blog

Get the latest stories, expertise, and news about security today.