Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Recent Posts

Seasoned Pros Share Career Advice for Cybersecurity Success

In this blog, seasoned pros share what they’ve learned over the course of their careers that would have made a significant impact if they were just setting off at the starting gate.…

Customer Perspective: How InsightVM Helps Organizations Solve Common Vulnerability Management Challenges

In this blog, Brett Droche of Amedisys explains how Rapid7's InsightVM can mitigate or completely solve common vulnerability management challenges.…

Metasploit Wrap-Up

An improvement to HTTP command stagers allows exploits to write on-disk stagers to the location of your choosing.…

Implementing Credential Hygiene with CyberArk and InsightVM

Effectively assess your assets with a scan engine while keeping your credentials safe with the integration between CyberArk and InsightVM and Nexpose.…

Cisco® RV110/RV130/RV215 Unauthenticated Configuration Export Vulnerability (CVE-2019-1663): What You Need to Know

This week, Cisco® released an advisory and patch for a remote code execution flaw in small-business routers used for wireless connectivity in small offices and home offices.…

How Security Automation Enables Business Agility

How can any organization’s security team balance these priorities in a rapidly shifting security landscape while staying agile? Automation.…

Why Most Vulnerability Management Programs Fail and What You Can Do About It

In our latest webcast, we explain why most vulnerability management programs fail and what you can do to avoid the same fate.…

Rapid7 Quarterly Threat Report: Q4 and 2018 Wrap-Up

In our 2018 Q4 Threat Report, we look at our custom Attacker Behavior Analytics rules, examine some new threats we’ve seen this year, and provide some steps to help you secure your organization.…

Checkmate! How to Win at Vulnerability Management Using the Game of Chess

Because the mindset you use to win at chess is the same one you should strive for as an information security professional, you can learn a lot by examining its rules, players, and strategy.…

Metasploit Wrap-up

Document ALL THE THINGS! This release sees quite a bit of documentation added with a module doc from bcoles and four new module docs from newer docs contributor Yashvendra. Module docs can be viewed with info -d and are extremely helpful for getting acquainted with…

Drupal Core Remote Code Execution (CVE-2019-6340): What You Need to Know

On Wednesday, Feb. 20, 2019, the Drupal Core team provided an early-warning update for the third Drupal Core Security Alert of 2019, which has been assigned CVE-2019-6340.…

APIs + SDKs = The Plugin Dream Team

In this blog, we will talk about one of our favorite pairings: application programming interfaces (APIs) and software development kits (SDKs).…

[IoT Security] Introduction to Embedded Hardware Hacking

Many security professionals and researchers are intrigued by the idea of opening up and exploring embedded technologies but aren’t sure where to start.…

Stack-Based Buffer Overflow Attacks: What You Need to Know

Stack-based buffer overflow exploits are likely the shiniest and most common form of exploit for remotely taking over the code execution of a process.…

Metasploit Wrap-Up

Crock-Pot cooking with Metasploit Belkin's Wemo line of smart home devices offers users a variety of internet-connected gadgets and gizmos they can control around the home. One of those happens to be a Crock-Pot. We went ahead and bought one. Naturally, it made sense for…