Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.

View Cookie Policy for full details

We've updated Rapid7’s community resources

Hello. We've evolved our community resources to provide a richer experience. Learn more.
Questions? Contact us.

blog.rapid7.com

Blogs, How-tos, & Research

Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.

Explore the Blog
help.rapid7.com

Docs, Help, & Questions

Help content and documents are now curated to let you get the information you need even faster.

Explore Help
3 min read

Ask a Pen Tester, Part 1: A Q&A With Rapid7 Pen Testers Gisela Hinojosa and Carlota Bindner

 Read More
3 min read

Rapid7 Named a Leader in the 2020 Forrester Wave™ for Midsize Managed Security Services Providers, Q3 2020

 Read More
9 min read

Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 2 Sessions

 Read More
View All Tags

Popular Tags:
3 min read

Metasploit Wrap-Up

Six new modules this week, and a good group of enhancements and fixes!…

Adam Galway
Adam Galway Sep 18, 2020 Metasploit
6 min read

NICER Protocol Deep Dive: Internet Exposure of SMB

In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at internet exposure of SMB.…

Tod Beardsley
Tod Beardsley Sep 18, 2020 National / Industry / Cloud Exposure Report (NICER)
5 min read

A step closer to stronger federal IoT security

The US House passed the IoT Cybersecurity Improvement Act, which would require federal procurement and use of IoT devices to conform to basic security requirements.…

Harley Geiger
Harley Geiger Sep 17, 2020 Public Policy
3 min read

Decentralize Remediation Efforts to Gain More Efficiency with InsightVM

We’re excited to introduce you to two new InsightVM product updates to help you further reduce friction, save time, and gain greater efficiency.…

Tori Sitcawich
Tori Sitcawich Sep 17, 2020 InsightVM
2 min read

This One Time on a Pen Test: Outwitting the Vexing VPN

In this edition of "This One Time on a Pen Test," we discuss outwitting the vexing VPN.…

Robert Stewart
Robert Stewart Sep 16, 2020 Penetration Testing
2 min read

Rapid7 and Snyk Are on the Run(time) with Expanded SCA Capabilities

Earlier this year, Rapid7 and Snyk partnered together with the goal of securing cloud-native apps across the software development lifecycle (SDLC).…

Bria Grangard
Bria Grangard Sep 15, 2020 Application Security
2 min read

CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know

CVE-2020-1472 is a critical privilege escalation vulnerability that can yield an attacker full takeover of an affected network. Here's what you need to know.…

Caitlin Condon
Caitlin Condon Sep 14, 2020 Vulnerability Management
3 min read

Vulnerability Remediation vs. Mitigation: What’s the Difference?

In this blog, we dive into better understanding the difference between vulnerability mitigation vs. remediation.…

Tori Sitcawich
Tori Sitcawich Sep 14, 2020 Vulnerability Management
5 min read

NICER Protocol Deep Dive: Internet Exposure of FTP/S (TCP/990)

In this installation of our NICER Protocol Deep Dive blog series, we take a look at the internet exposure of FTP/S (TCP/990).…

Tod Beardsley
Tod Beardsley Sep 14, 2020 National / Industry / Cloud Exposure Report (NICER)
2 min read

Metasploit Wrap-Up

Three new modules, including a Pwn2Own addition for OS X, plus proxy support for Python Meterpreter, new search improvements, and a reminder of how to report security issues in Metasploit.…

James Barnett
James Barnett Sep 11, 2020 Metasploit Weekly Wrapup
4 min read

How to Track and Remediate Default Account Vulnerabilities in InsightVM

In this blog post, we discuss older, lesser-known features that can still provide amazing value in your vulnerability management program using InsightVM.…

Landon Dalke
Landon Dalke Sep 10, 2020 InsightVM
2 min read

This One Time on a Pen Test: I’m Calling My Lawyer!

In this engagement, Rapid7 pen testers were tasked to identify sensitive information, harvest credentials, and obtain a reverse shell on their machines.…

Jonathan Stines
Jonathan Stines Sep 09, 2020 Penetration Testing
4 min read

How Rapid7 Is Transforming an On-Premises SOAR Tool into a Cloud-First Automation Platform

In this blog, we discuss how Rapid7 Is transforming an on-premises SOAR tool into a cloud-first automation platform.…

Spencer Engleson
Spencer Engleson Sep 09, 2020 SOAR
3 min read

Patch Tuesday - September 2020

129 Vulnerabilities Patched in Microsoft's September 2020 Update Tuesday (2020-Sep Patch Tuesday)Despite maintaining the continued high volume of vulnerabilities disclosed and patched this month, Microsoft's 129-Vulnerability September 2020 Update Tuesday is seemingly calm from an operations perspective -- at first glance. While following standard…

Richard Tsang
Richard Tsang Sep 08, 2020 Vulnerability Management
4 min read

Metasploit Wrap-Up

New reflective PE file loader, a new module, new search improvements, and updates on Google Summer of Code projects.…

Alan David Foster
Alan David Foster Sep 04, 2020 Metasploit Weekly Wrapup

Never miss a blog

Get the latest stories, expertise, and news about security today.

BACK TO TOP