Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

We've updated Rapid7’s community resources

Hello. We've evolved our community resources to provide a richer experience. Learn more.
Questions? Contact us.

blog.rapid7.com

Blogs, How-tos, & Research

Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.

Explore the Blog
help.rapid7.com

Docs, Help, & Questions

Help content and documents are now curated to let you get the information you need even faster.

Explore Help

Metasploit Wrap-Up

Shifting (NET)GEARs Community contributor rdomanski added a module for Netgear R6700v3 routers that allows unauthenticated attackers on the same network to reset the password for the admin user back to the factory default of password. Attackers can then manually change the admin user's password…

InsightAppSec Release Roundup: What’s New and Updated

In this blog, we recap the latest and greatest ways to work smarter and more efficiently in InsightAppSec, so you can get some much-deserved time back.…

How to Use Custom Policy Builder to Customize Password Policies in InsightVM

In this post, we are going to focus on commonly used customizations for password policies by our customers.…

Unlocking the Power of Macro Authentication in Application Security: Part Two

In this post, we will review how to understand these error messages and what steps to take to get our authentication macro working.…

CVE-2020-2021 Authentication Bypass in PAN-OS Security Assertion Markup Language (SAML) Authentication Disclosed

On Monday, June 29, 2020, Palo Alto released details on CVE-2020-2021 a new, critical weakness in SAML authentication on PAN-OS devices.…

Building a Printed Circuit Board Probe Testing Jig

In this blog, we discuss how to build a printed circuit board (PCB) probe testing jig.…

Metasploit Wrap-Up

Who watches the watchers? If you are checking up on an organization using Trend Micro Web Security, it might be you. A new module this week takes advantage of a chain of vulnerabilities to give everyone (read unauthenticated users) a chance to decide what threats…

Rapid7 Managed Detection and Response (MDR): The Service that Never Sleeps

In this post, we break-down everything you need to know about Rapid7 Managed Detection and Response (MDR).…

Customer Spotlight: How Amedisys CISO Proves Security’s Value to the Business

Richard Kaufmann, CISO of Amedisys, talks about the importance of measuring value in terms of business impact and successfully securing more budget.…

Back to Basics: Maintaining Cloud Migration Oversight While Navigating the New Normal

On the final installment of our Remote Work Readiness Series, Rapid7 taps industry insiders for what the future of security leadership might look like.…

Increasing Visibility in Changing Threat Environments: A Conversation With Anthony Edwards

We recently interviewed Anthony Edwards, Director of Security Operations for Hilltop Holdings, who shared insights for our evolving security landscape.…

Advancements in Vulnerability Reporting in the Post-PGP Era: A Conversation with Art Manion

On this week’s episode of Security Nation, Art Manion of the CERT Coordination Center gets us up to speed on vulnerability analysis and management.…

Metasploit Wrap-Up

Arista Shell Escape Exploit Community contributor SecurityBytesMe added an exploit module for various Arista switches. With credentials, an attacker can SSH into a vulnerable device and leverage a TACACS+ shell configuration to bypass restrictions. The configuration allows the pipe character to be used only if…

How to Approach Risk Management: Advice from Rapid7 Customers

Learn how these security professionals approach risk, and their best advice for others looking to better their approach to risk management.…

How Rapid7 Customers Are Using Network Traffic Analysis in Detection and Response

In this blog, we discuss how Rapid7 Customers Are Using Network Traffic Analysis in Detection and Response…

Never miss a blog

Get the latest stories, expertise, and news about security today.