Rapid7 Blog

Recent Posts

What Makes SIEM Security Alerts Actionable? Automatic Context

Whether you call them alerts, alarms, offenses, or incidents, they’re all worthless without supporting context. A failed login attempt may be completely benign ... unless it happened from an anomalous asset or from a suspicious location. Escalation of a user’s privileges could be due…

CVE 100K: A Big, Round Number

There have been 100,000 CVEs published. That's a big, round number.…

CVE 100K: By The Numbers

There have been 100,000 CVEs published. Here are some stats on the program so far.…

CIS Critical Security Control 15 Explained: Wireless Access Control – Are You Really Managing Your WiFi?

This is a continuation of our CIS critical security controls blog series. See why SANS listed Rapid7 as the top solution provider addressing the CIS top 20 controls. Decades ago, your network was a collection of routers, firewalls, switches, wall ports, and what seemed like…

Metasploit Wrapup

After last week's seriously serious write-up, this week we will return to our normal, lighthearted (and Metasploit-hearted) wrap-ups, though we remain fans of terrible 80s movies. Drupalgeddon 2: Webdev Boogaloo. After last month's Drupal exploit came to light, nearly a dozen developers have been…

Drupalgeddon Vulnerability: What is it? Are You Impacted?

First up: many thanks to Brent Cook, William Vu and Matt Hand for their massive assistance in both the Rapid7 research into “Drupalgeddon” and their contributions to this post. Background on the Drupalgeddon vulnerability: The Drupalgeddon 2 vulnerability announcement came out in late March (2018-03-28…

Rapid7 InsightVM Named Best Vulnerability Management Solution by SC Magazine

SC Media has announced the 2018 SC Awards and (drumroll, please…) InsightVM is proud to take top honors as Best Vulnerability Management Solution in the Trust Awards category. Our team works tirelessly day in and day out to bring SecOps best practices to our customers,…

What is Modern Vulnerability Management?

Once upon a time (a few years ago) vulnerability management programs focused solely on servers, running quarterly scans that targeted only critical systems. But that was then, and you can no longer afford such a limited view in the now. To illustrate these changes in…

How to Identify Attacker Reconnaissance on Your Internal Network

The most vulnerable moment for attackers is when they first gain internal access to your corporate network. In order to determine their next step, intruders must perform reconnaissance to scout available ports, services, and assets from which they can pivot and gain access to customer…

CIS Critical Control 14 Explained: Controlled Access Based on the Need to Know

This is a continuation of our CIS critical security controls blog series. See why SANS listed Rapid7 as the top solution provider addressing the CIS top 20 controls. Let’s start with some simple, yet often unasked questions. Do you know what critical assets—information…

Getting Started in Ethical Hacking

A while back, a Twitter user asked us the following question: "I have a friend who is looking into ethical hacking. She is also a broke college student so do you know of any free or affordable resources she can use?" Ethical hackers use their…

Metasploit Wrapup

You may have noticed that our weekly wrapups tend to be very light-hearted. A few might say our blog is humorous. Some might even argue that they incorporate low-brow internet jokes and an excessive quantity of memes. Well, I'm here to say we've turned over…

How to Remediate Vulnerabilities Across Multiple Offices

Your vulnerability scanner embarks on its weekly scan. The report comes in, you fire it off to your IT team across the country and...silence. Thinking they’re on it, you go on with your day, until next week’s scan report comes in and…

RSA 2018: Kickoff wrap-up

The opening day of RSA offered up copious nods to the need for security to be an integral, integrated part of innovation. RSA President Rohit Ghai talked about moving security upstream in the SDLC, Microsoft’s Brad Smith called for new ways to innovate that…

Georgia should not authorize "hack back"

[Update 05/09/18: Georgia Governor Deal vetoed SB 315. In a thoughtful veto statement, the Governor noted that the legislation raised "concerns regarding national security implications and other potential ramifications," and that "SB 315 may inadvertently hinder the ability of government…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.


Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.


Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.
