Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.

View Cookie Policy for full details

We've updated Rapid7’s community resources

Hello. We've evolved our community resources to provide a richer experience. Learn more.
Questions? Contact us.

blog.rapid7.com

Blogs, How-tos, & Research

Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.

Explore the Blog
help.rapid7.com

Docs, Help, & Questions

Help content and documents are now curated to let you get the information you need even faster.

Explore Help
8 min read

Discovering a New Path in Asset Discovery: A Q&A with Metasploit Founder HD Moore

 Read More
1 min read

Happy HaXmas! Join Our New Twitter Tradition for the Best of Security in 2019 and Beyond

 Read More
6 min read

We Don’t Want White Font: Office Macros, Evasion, and Malicious Self-Reference

 Read More
View All Tags

Popular Tags:
2 min read

Discover the New BMC Remedy ITSM Plugin for InsightConnect

The BMC plugin focuses on the automation of incidents in BMC, with the goal of freeing up analysts’ time so they can focus on resolving issues.…

Matthew Hofert
Matthew Hofert Jan 23, 2020 InsightConnect
3 min read

Vulnerability Management in the Cloud: Addressing the AWS Shared Responsibility Model

In this post, we’ll show you what you’re responsible for securing in the cloud, how vulnerability management differs in the cloud, and how to minimize risk.…

Aaron Sawitsky
Aaron Sawitsky Jan 22, 2020 Vulnerability Management
4 min read

Better Together: How to Collaborate to Drive Vulnerability Remediation Among Security, IT, and DevOps Teams

If you feel anxious about the time it takes to remediate vulnerabilities, you’re not alone. These worries are very common among security professionals.…

Tori Sitcawich
Tori Sitcawich Jan 21, 2020 InsightVM
3 min read

Active Exploitation of Citrix NetScaler (CVE-2019-19781): What You Need to Know

A a directory traversal vulnerability was announced in the Citrix Application Discovery Controller and Citrix Gateway, which would allow a remote, unauthenticated user to write a file to a location on disk.…

Derek Abdine
Derek Abdine Jan 17, 2020 Research
2 min read

Metasploit Wrap-Up

Silly admin, Citrix is for script kiddies A hot, new module has landed in Metasploit Framework this week. It takes advantage of CVE-2019-19781 which is a directory traversal vulnerability in Citrix Application Delivery Controller (ADC) and Gateway. This exploit takes advantage of unsanitized input within…

James Barnett
James Barnett Jan 17, 2020 Metasploit
10 min read

How to Get Started with the InsightVM Integration for ServiceNow CMDB

Rapid7 is excited to announce the release of a new ServiceNow Platform application for InsightVM with the ServiceNow CMDB.…

Tyler Schmidtke
Tyler Schmidtke Jan 17, 2020 Vulnerability Management
2 min read

Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601): What You Need to Know

In this blog, we discuss everything you need to know about the CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability.…

Rapid7
Rapid7 Jan 16, 2020 Vulnerability Management
3 min read

How PCI Compliance Helps Keep Your App’s Credit Card Data Safe

In this blog, we break-down why you and your organization should be committed to the Payment Card Industry Data Security Standard (PCI DSS, or PCI).…

Bria Grangard
Bria Grangard Jan 16, 2020 PCI
5 min read

Announcing the 2020 Metasploit community CTF

Metasploit's community CTF is back! Starting January 30, players will have four days to find flags and win points and glory. Teams welcome.…

Caitlin Condon
Caitlin Condon Jan 15, 2020 Metasploit
3 min read

Patch Tuesday - January 2020

The first Patch Tuesday of 2020 has been hotly anticipated due to a rumour that Microsoft would be fixing a severe vulnerability in a fundamental cryptographic library. It turns out that the issue in question is indeed serious, and was reported to Microsoft by the…

Greg Wiseman
Greg Wiseman Jan 14, 2020 Vulnerability Management
4 min read

How to Define and Communicate Vulnerability Risk Across Your Company

In this post, we discuss how to define risk, the differences between risks, threats, and vulnerabilities, and how to communicate this to leadership teams.…

Rapid7
Rapid7 Jan 14, 2020 InsightVM
4 min read

Simplify Your Data Search with Query Builder in InsightVM

Query Builder is now available in InsightVM, which means gone are the days of relying solely on complex query languages like SQL or third-party tools.…

Tori Sitcawich
Tori Sitcawich Jan 13, 2020 InsightVM
5 min read

Challenges and Best Practices with Vulnerability Risk Management Collaboration

We sat down with VRM professionals to discuss best practices, challenges, and personal approaches to make vulnerability risk management a priority.…

Tori Sitcawich
Tori Sitcawich Jan 10, 2020 Vulnerability Risk Management
4 min read

Automating Application Security Processes with the InsightAppSec API

In this blog, we discuss how task automation can free up extra time for development and security teams in the web application life cycle.…

Holly Wilsey
Holly Wilsey Jan 09, 2020 InsightAppSec
1 min read

InsightConnect Announces New Plugin for Cisco AMP for Endpoints

Rapid7 is excited to announce a new plugin for InisghtConnect that connects to Cisco AMP for Endpoints.…

Joey McAdams
Joey McAdams Jan 08, 2020 InsightConnect

Blog Feed