Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

We've updated Rapid7’s community resources

Hello. We've evolved our community resources to provide a richer experience. Learn more.
Questions? Contact us.

blog.rapid7.com

Blogs, How-tos, & Research

Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.

Explore the Blog
help.rapid7.com

Docs, Help, & Questions

Help content and documents are now curated to let you get the information you need even faster.

Explore Help

Better Together: How to Collaborate to Drive Vulnerability Remediation Among Security, IT, and DevOps Teams

If you feel anxious about the time it takes to remediate vulnerabilities, you’re not alone. These worries are very common among security professionals.…

Active Exploitation of Citrix NetScaler (CVE-2019-19781): What You Need to Know

A a directory traversal vulnerability was announced in the Citrix Application Discovery Controller and Citrix Gateway, which would allow a remote, unauthenticated user to write a file to a location on disk.…

Metasploit Wrap-Up

Silly admin, Citrix is for script kiddies A hot, new module has landed in Metasploit Framework this week. It takes advantage of CVE-2019-19781 which is a directory traversal vulnerability in Citrix Application Delivery Controller (ADC) and Gateway. This exploit takes advantage of unsanitized input within…

How to Get Started with the InsightVM Integration for ServiceNow CMDB

Rapid7 is excited to announce the release of a new ServiceNow Platform application for InsightVM with the ServiceNow CMDB.…

Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601): What You Need to Know

In this blog, we discuss everything you need to know about the CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability.…

How PCI Compliance Helps Keep Your App’s Credit Card Data Safe

In this blog, we break-down why you and your organization should be committed to the Payment Card Industry Data Security Standard (PCI DSS, or PCI).…

Announcing the 2020 Metasploit community CTF

Metasploit's community CTF is back! Starting January 30, players will have four days to find flags and win points and glory. Teams welcome.…

Patch Tuesday - January 2020

The first Patch Tuesday of 2020 has been hotly anticipated due to a rumour that Microsoft would be fixing a severe vulnerability in a fundamental cryptographic library. It turns out that the issue in question is indeed serious, and was reported to Microsoft by the…

How to Define and Communicate Vulnerability Risk Across Your Company

In this post, we discuss how to define risk, the differences between risks, threats, and vulnerabilities, and how to communicate this to leadership teams.…

Simplify Your Data Search with Query Builder in InsightVM

Query Builder is now available in InsightVM, which means gone are the days of relying solely on complex query languages like SQL or third-party tools.…

Challenges and Best Practices with Vulnerability Risk Management Collaboration

We sat down with VRM professionals to discuss best practices, challenges, and personal approaches to make vulnerability risk management a priority.…

Automating Application Security Processes with the InsightAppSec API

In this blog, we discuss how task automation can free up extra time for development and security teams in the web application life cycle.…

InsightConnect Announces New Plugin for Cisco AMP for Endpoints

Rapid7 is excited to announce a new plugin for InisghtConnect that connects to Cisco AMP for Endpoints.…

InsightIDR: 2019 Year in Review

As we turn the corner into the new year, our team has been looking back at 2019 and reflecting on some of our most exciting updates from InsightIDR.…

Election Security: What You Need to Know

In this blog, we break-down everything you need to know about the collection of security challenges throughout elections.…