Rapid7 Blog

Recent Posts

NCSAM Security Crash Diet, Week 4: IoT

The final week of our 'Security Crash Diet' series for NCSAM explores what the IoT device purchasing process is like for consumers who want to buy IoT with security in mind. Spoiler: It isn't easy.…

Stop aiming for security perfection—just do what's right

Guest author Kevin Beaver discusses 'relentless incrementalism' in building out and improving security programs.…

Testing SMB Server Security with Metasploit Pro Task Chains: Part 1

A step-by-step guide to testing SMB server security using Metasploit Pro Task Chains.…

Metasploit Wrapup

Would you like to help Metasploit Framework and get a free t-shirt? There is still a bit of October left, which means you can totally still sign up for Hacktoberfest: a fun annual project to encourage open source software contributions! Make four pull requests on…

ROCA: Vulnerable RSA Key Generation

In the KRACK-related and BadRabbit-related chaos of the past week and a half, some people missed a less flashy vulnerability that nevertheless dug up key long-term questions on IoT supply chains and embedded technology. The Czech-based Center for Research on Cryptography and Security published research…

The BadRabbit Ransomware Attack: What You Need To Know

What’s Up? Rapid7 has been tracking reports of an expanding ransomware campaign dubbed BadRabbit. Russian news outlets and other organizations across Europe have reported being victims of this malware and the “outbreak” is continuing to spread. The BadRabbit attackers appear to have learned some…

NCSAM Security Crash Diet, Week 3: Privacy and Backups

In week three of Rapid7's NCSAM 'Security Crash Diet' series, our cybersleuth 'Olivia' tests practical advice on privacy (think location-sharing) and has a few scary moments with backups.…

IoT Mobile Application Credential Encryption

Rapid7 IoT Research Lead Deral Heiland offers several of his takeaways from testing IoT mobile applications.…

Metasploit Wrapup

Exploits for hours. Gather 'round with a pocket full of shells.…

NCSAM Security Crash Diet, Week 2: Social and Travel

Rapid7 guinea pig 'Olivia' describes her efforts during week two of her security 'crash diet' for National Cyber Security Awareness Month. This week focused on social sharing and travel security.…

NIST Standards and Why They Matter

A primer on implementing NIST recommendations by guest author Matt Kelly…

SIEM Market Evolution And The Future of SIEM Tools

There’s a lot to be learned by watching a market like SIEM adapt as technology evolves, both for the attackers and the analysis.…

InsightIDR Now Supports Multi-Factor Auth and Data Archiving

InsightIDR is now part of the Rapid7 platform. Learn more about our platform vision and how it enables you to have the SIEM solution you've always wanted.…

The Wi-Fi KRACK Vulnerability: What You Need to Know

Everything you need to know about the recently disclosed KRACK vulnerability affecting Wi-Fi security protocols (WPA1 and WPA2).…

NCSAM: How Hackable Are You?

Rapid7 partnered with The Today Show to offer a fun, fast self-assessment quiz to determine individual cybersecurity risk levels. How hackable are you?…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.


Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.


Podcast

Security Nation

Security Nation is a podcast dedicated to covering all things infosec – from what's making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty has been knee-deep in the security sector for nearly two decades. At Rapid7 he leads a solutions-focused team with the mission of helping security professionals do their jobs.
