Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.

View Cookie Policy for full details

We've updated Rapid7’s community resources

Hello. We've evolved our community resources to provide a richer experience. Learn more.
Questions? Contact us.

blog.rapid7.com

Blogs, How-tos, & Research

Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.

Explore the Blog
help.rapid7.com

Docs, Help, & Questions

Help content and documents are now curated to let you get the information you need even faster.

Explore Help
7 min read

Trick or Treat! What We Can Learn from the Spookiest Vulnerabilities of the Year

 Read More
2 min read

HP Device Manager Cavalcade of Critical CVEs (CVE-2020-6925:6927): What You Need to Know

 Read More
2 min read

This One Time on a Pen Test: Ain’t No Fence High Enough

 Read More
View All Tags

Popular Tags:
3 min read

How Maria Barsallo Lynch Helps Combat the Spread of Misinformation and Disinformation Ahead of the Election

In our most recent episode of Security Nation, we spoke with Maria Barsallo Lynch about her work informing election officials of the rise of misinformation centered around elections.…

Bri Hand
Bri Hand Oct 29, 2020 Security Nation
7 min read

Trick or Treat! What We Can Learn from the Spookiest Vulnerabilities of the Year

We put together a list of some of the scariest vulnerabilities of the year and the remediation solutions that can help you stay on guard in the future.…

Rapid7
Rapid7 Oct 29, 2020 Vulnerability Management
2 min read

Rapid7 Announces Improvements to Goals and SLAs in InsightVM

We’re excited to announce that creating a goal or SLA in InsightVM just became a lot simpler.…

Tori Sitcawich
Tori Sitcawich Oct 28, 2020 InsightVM
3 min read

2021 Detection and Response Planning, Part 3: Why 2021 Is the Year for SOC Automation

In this third installment of our series around 2021 security planning, we’re focused on SOC automation.…

Margaret Zonay
Margaret Zonay Oct 27, 2020 Detection and Response
14 min read

Scan Template Best Practices in InsightVM

This blog post will give you a ballpark best practice that applies to the majority of environments, as well as some descriptions that outline the thought process, math, and reasoning.…

Landon Dalke
Landon Dalke Oct 26, 2020 InsightVM
3 min read

Metasploit Wrap-Up

A bug fix for EternalBlue on Metasploit 6, four new modules, and a bunch of enhancements.…

Jeffrey Martin
Jeffrey Martin Oct 23, 2020 Metasploit Weekly Wrapup
3 min read

From the Dorm Room to the White House: How Researcher Jack Cable Works to Ensure Election Security

In this episode of Security Nation, we welcomed Jack Cable, a junior at Stanford University and employee of the U.S. Cybersecurity and Infrastructure Security Agency.…

Rapid7
Rapid7 Oct 23, 2020 Security Nation
5 min read

NICER Protocol Deep Dive: Internet Exposure of Remote Desktop (RDP)

In this edition of our NICER Protocol Deep Dive blog series, we break down the internet exposure of remote desktop (RDP).…

Tod Beardsley
Tod Beardsley Oct 23, 2020 National / Industry / Cloud Exposure Report (NICER)
2 min read

What’s New in InsightAppSec and tCell: Q3 2020 in Review

This blog recaps some of the latest and greatest ways to leverage Rapid7’s appsec technologies to get time back in your days.…

Bria Grangard
Bria Grangard Oct 22, 2020 Application Security
2 min read

This One Time on a Pen Test: Thanks for Sharing Your Wi-Fi

In this iteration of our "This One Time on a Pen Test" series, our client was a private equity company, and the task was to do an onsite wireless pen test from the lobby outside their office.…

Shane Young
Shane Young Oct 21, 2020 This One Time on a Pen Test
9 min read

Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities

Today, we're announcing a coordinated vulnerability disclosure on a set of address bar spoofing vulnerabilities that affect a number of mobile browsers.…

Tod Beardsley
Tod Beardsley Oct 20, 2020 Vulnerability Disclosure
5 min read

Are You Still Running End-of-Life Windows Servers?

Windows Server 2008 and 2008 R2 reached their end of life (EOL) on Jan. 14, 2020, but what does that mean in practice?…

Kwan Lin
Kwan Lin Oct 19, 2020 Windows
5 min read

NICER Protocol Deep Dive: Internet Exposure of IMAP and POP

In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of IMAP and POP.…

Tod Beardsley
Tod Beardsley Oct 19, 2020 National / Industry / Cloud Exposure Report (NICER)
2 min read

Metasploit Wrap-Up

Hacktoberfest 2020 and wisdom from around the Metasploit water cooler. Keep an eye out for more info on the next Metasploit community CTF (coming soon).…

Sonny Gonzalez
Sonny Gonzalez Oct 16, 2020 Metasploit Weekly Wrapup
1 min read

Fewer False Alarms, Faster Reporting: InsightVM Introduces New One-Click Fix For False Positives

Let’s talk false positives. They’re frustrating and faulty to anyone in security. The good news? We’ve added even more ways to reduce the noise they cause.…

Nick McKee
Nick McKee Oct 15, 2020 InsightVM

Never miss a blog

Get the latest stories, expertise, and news about security today.

BACK TO TOP