Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Recent Posts

Proactive Security Is the New Black: Lessons from the Trenches of Building a Security Product

On this week’s Security Nation, we spoke with Alex Kreilein, CISO for RapidDeploy, a back-end SaaS service for 911 and emergency communication systems.…

Metasploit Wrap-Up

Five new modules plus fixes and enhancements. Exploits for ManageEngine, rConfig, and SQL Server Reporting Services, among others.…

Top 3 Outcomes Organizations Try to Achieve in Their Incident Detection and Response Programs

In this blog, we break down the top three outcomes organizations try to achieve in their Detection and Response programs.…

The Importance of Network Visibility With a Remote Workforce

As IT and network security staff around the world hurry to roll out more and more VPN and remote access services, it’s important to recognize that security or operational issues can arise.…

How to Maintain Your Cybersecurity Posture in Uncertain Times

In this blog, we will discuss some of the key areas a security leader can focus on to make sure your company and teams are prepared.…

Redefining How to Measure the Success of Your Vulnerability Management Program

In this post, we’ll discuss which vulnerability risk management metrics matter and which ones don’t, and how to communicate them effectively.…

How Rapid7 Customer Hilltop Holdings Integrates Security Tools for a Multi-Layered Approach

We interviewed Hilltop Holdings' director of security operations about how his organization approaches multi-level security in the financial industry.…

Our Commitment to Keeping Your Organization Secure During COVID-19

COVID-19 has created a great deal of concern and uncertainty, and we want to reassure you that your security remains our top priority.…

How to WFH and Keep Your Digital Self Safe

In this blog, we discuss how to work from home (WFH) and keep your digital self safe.…

Metasploit Wrap-Up

Four new modules and lots of productivity enhancements. You can now run `rubocop -a` to automatically fix most formatting issues when developing modules. Plus, try the new `tip` command in MSF for Framework usage tips!…

How to Understand the TCO and ROI of Your Vulnerability Management Program

In this blog, we discuss the total cost of ownership (TCO) compared to the potential return on investment (ROI) of your Vulnerability Management program.…

CVE-2020-0796: Microsoft SMBv3 Remote Code Execution Vulnerability Analysis

Rapid7 analysis and exposure data on CVE-2020-0796, a critical remote code execution vulnerability in Microsoft's SMBv3 protocol.…

3 Common Threats to Look for in Your Network Data

Today, we'll be highlighting three common threats to keep an eye out for in your network data and the best methods of remediation.…

Why Our Future in InfoSec Depends on Automation

In this blog, we discuss why our future in Information Security depends on automation.…

Patch Tuesday - March 2020

Let's start off talking about CVE-2020-0688 from last month -- the Microsoft Exchange Validation Key RCE vulnerability. At the time it was published February 11, 2020, the vulnerability had not seen active exploitation. As of March 9, 2020, there were increasing reports of activity happening…