Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Recent Posts

Summer Security Fundamentals Recap: Orchestration and Automation 101

Security orchestration and automation (SOAR) offers plenty of benefits for organizations. Here are some you should know about.…

Metasploit Wrap-Up

A new feature, better `set payload` options, and new modules. Plus, open-source office hours in Vegas during hacker summer camp.…

How to Join in on the Cybersecurity Policy Conversation at DEF CON

In a recent episode of Security Nation, Meg King and Beau Woods talked about how to build better collaboration between the security community and policymakers on the Hill.…

Introducing Pingback Payloads

The Metasploit team added a new feature to Framework that improves safety and offers another avenue in MSF for novel evasion techniques: pingback payloads.…

R7-2019-18: Multiple Hickory Smart Lock Vulnerabilities

The Hickory Smart BlueTooth Enabled Deadbolt IoT ecosystem (which includes mobile applications as well as a cloud-hosted web and MQTT infrastructure) has several vulnerabilities.…

BlueKeep Exploits May Be Coming: Our Observations and Recommendations

Rapid7 Labs has observed a significant uptick in malicious RDP activity since the release of CVE-2019-0708 (aka “BlueKeep”).…

Do You Have Containers in Your Environment? Using Container Discovery to Be Sure

In this post, we'll show you how you can use the container security features in InsightVM to find out whether you have containers you didn't know about.…

Rapid7 Announces an Early Access Program for tCell by Rapid7

We are excited to announce that we are launching the early access program for tCell by Rapid7.…

New Research: Investigating and Reversing Avionics CAN Bus Systems

Rapid7's recently released research report examines the security (or lack thereof) of CAN bus networks in small aircraft.…

How to Automate Threat Hunting with SOAR for Faster Response Times

In this blog, we highlight four ways security orchestration and automation (SOAR) tools can streamline the threat hunting process.…

Metasploit Wrap-Up

First!! Congrats to Nick Tyrer for the first community contibuted evasion module to land in master. Nick's evasion/windows/applocker_evasion_install_util module leverages the trusted InstallUtil.exe binary to execute user supplied code and evade application whitelisting. New modules (4) WP Database Backup…

Why the Modern SIEM Is in the Cloud

Let’s talk about why modern SIEM is in the cloud, what core benefits you can expect, and how it is predicted to evolve as we soar toward 2020.…

What's Happening With Markups for the IoT Cybersecurity Improvement Act of 2019?

In recent weeks, the House and Senate have drafted versions of the IoT Cybersecurity Improvement Act of 2019. Here are are thoughts.…

[Research] Under the Hoodie, 2019 Edition: Lessons Learned from 180 Penetration Tests

Our 2019 Under the Hoodie report covers the measurable results of about 180 penetration tests conducted by Rapid7. Find out what we learned.…