Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.

View Cookie Policy for full details

We've updated Rapid7’s community resources

Hello. We've evolved our community resources to provide a richer experience. Learn more.
Questions? Contact us.

blog.rapid7.com

Blogs, How-tos, & Research

Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.

Explore the Blog
help.rapid7.com

Docs, Help, & Questions

Help content and documents are now curated to let you get the information you need even faster.

Explore Help
10 min read

Automate Insight Agent Deployment in AWS

 Read More
3 min read

Three Expensive Security Operations Costs and How to Minimize Them with SOAR

 Read More
1 min read

Introducing Metasploit’s First Evasion Modules

 Read More
View All Tags

Popular Tags:
2 min read

Metasploit Wrapup

The Malicious Git HTTP Server For CVE-2018-17456 module by timwr exploits a vulnerability in Git that can cause arbitrary code execution when a user clones a malicious repository using commands such as git clone --recurse-submodules and git submodule update.…

Matthew Kienow
Matthew Kienow Nov 16, 2018 Metasploit Weekly Wrapup
5 min read

[Q&A] Why Every Threat Detection Strategy Needs User Behavior Analytics

VP of Product Sam Adams explains how UBA works and how it’s evolved over the years to become a core part of threat detection and response strategies.…

Christie Ott
Christie Ott Nov 14, 2018 User Behavior Analytics
1 min read

Patch Tuesday - November 2018

Microsoft's patches this month address over 60 vulnerabilities. Just like last month, another zero-day privilege escalation vulnerability in Win32k has been patched. CVE-2018-8589 has been seen exploited in the wild, and allows a logged-in attacker to execute arbitrary code in the security context of a…

Greg Wiseman
Greg Wiseman Nov 13, 2018 Patch Tuesday
5 min read

Rolling with Your Logs, Part 2: Advanced Mode Searches

In the Part 2 of this three-part series on InsightIDR Log Search, we will cover three concepts: parsed logs, groupby function, and log search operations.…

Teresa Copple
Teresa Copple Nov 13, 2018 Log Search
2 min read

Metasploit Wrapup

Now in Framework: Exploit for jQuery File Upload plugin vuln, two new post modules to exfil images and texts from compromised iOS devices. Plus, this year's community CTF.…

Pearce Barry
Pearce Barry Nov 09, 2018 Metasploit Weekly Wrapup
3 min read

Top 5 Threats Healthcare Organizations Face and How to Combat Them

Looking to protect your healthcare organization from cyber-threats? Here are the top five threats to look out for and tips on how to outsmart attackers.…

Kristina LeBlanc
Kristina LeBlanc Nov 08, 2018 Medical
2 min read

Rapid7 Wins Frost & Sullivan 2018 Global Vulnerability Management Market Leadership Award

We’re thrilled to announce that Rapid7 InsightVM was selected as the market leader in vulnerability management by Frost & Sullivan.…

Justin Buchanan
Justin Buchanan Nov 07, 2018 Awards
4 min read

Rolling with Your Logs, Part 1: Your Guide to Log Search in InsightIDR

In the first installment of this series, we'll cover the three most important basics of log search, then run through a few common Simple Mode searches.…

Teresa Copple
Teresa Copple Nov 06, 2018 Log Search
3 min read

Announcing the 2018 Metasploit Community CTF

Two targets, three days, and a thousand teams: Put your skills to the test for a chance to win prizes and bragging rights in Metasploit’s 2018 community CTF.…

Caitlin Condon
Caitlin Condon Nov 05, 2018 Metasploit
2 min read

Metasploit Wrapup

Today marks the 30th anniversary of the Morris worm. We were hit by a wave of nostalgia, so here's a little history and a module-trip down memory lane courtesy of wvu.…

Aaron Soto
Aaron Soto Nov 02, 2018 Metasploit Weekly Wrapup
2 min read

Why It’s Critical to Test the Failure State of IoT Products

When considering or testing the security posture of an IoT product’s ecosystem, it is important to take into account how that product handles failure conditions.…

Deral Heiland
Deral Heiland Nov 02, 2018 IoT
4 min read

Expanded Protections for Security Researchers Under DMCA Sec. 1201

The Library of Congress announced that it would renew and expand legal protections for security testing under Section 1201 of the Digital Millennium Copyright Act (DMCA).…

Harley Geiger
Harley Geiger Nov 01, 2018 Public Policy

Blog Feed