Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Recent Posts

Increasing Visibility in Changing Threat Environments: A Conversation With Anthony Edwards

We recently interviewed Anthony Edwards, Director of Security Operations for Hilltop Holdings, who shared insights for our evolving security landscape.…

Advancements in Vulnerability Reporting in the Post-PGP Era: A Conversation with Art Manion

On this week’s episode of Security Nation, Art Manion of the CERT Coordination Center gets us up to speed on vulnerability analysis and management.…

Metasploit Wrap-Up

Arista Shell Escape Exploit Community contributor SecurityBytesMe added an exploit module for various Arista switches. With credentials, an attacker can SSH into a vulnerable device and leverage a TACACS+ shell configuration to bypass restrictions. The configuration allows the pipe character to be used only if…

How to Approach Risk Management: Advice from Rapid7 Customers

Learn how these security professionals approach risk, and their best advice for others looking to better their approach to risk management.…

How Rapid7 Customers Are Using Network Traffic Analysis in Detection and Response

In this blog, we discuss how Rapid7 Customers Are Using Network Traffic Analysis in Detection and Response…

The Security Practitioner's Intro to the Cloud: Everything You Ever Wanted to Know But Were Afraid to Ask

In this post, we provide an introductory primer to the cloud and cloud security for security professionals who want to fill in the blanks.…

SIEM Security Tools: Six Expensive Misconceptions

Understanding recent improvements to traditional SIEMs incorporated by next-generation solutions proves critical to building a confident security posture.…

Unlocking the Power of Macro Authentication: Part One

In this blog post, we will review how various components of a macro work and what to keep in mind when recording a macro for authentication.…

Introducing a New InsightVM Dashboard to Monitor External and Remote Workforce Assets in Your Environment

In order to help our customers better track their remote workforce and external assets, we are introducing a new customizable dashboard within InsightVM.…

Metasploit Wrap-Up

Windows BITS CVE-2020-0787 LPE in the Metasploit tree! This week, Grant Willcox presents his first Metasploit module contribution as part of our team. Research from itm4n yielded CVE-2020-0787, describing a vulnerability in the Windows Background Intelligent Transfer Service (BITS). This vuln can be exploited to…

Support FAQs: Managing Your Organization’s Security in Response to COVID-19

To help you and your organization respond to the COVID-19 pandemic, we’ve assembled a list of FAQs to help maintain your existing security measures.…

How Team Collaboration Can Help You Scale the Vulnerability Mountain

In this blog post, we’ll break down how to do this through team collaboration, key processes, and good security design.…

Patch Tuesday - June 2020

June 2020's Microsoft Patch Tuesday gives us a whopping 129 CVEs patched (excluding Adobe Flash which addresses CVE-2020-9633 -- a high severity remote code execution vulnerability).  While the consistently high volume of vulnerabilities being addressed each month is alarming at times, there is a sense…

Developing Sustainable Vulnerability Management with Katie Moussouris

On this week’s episode of Security Nation, we’re delighted to be joined by Katie Moussouris, CEO and Founder of Luta Security.…

Maturing Your Security Posture: Around-the-Clock Threat Detection With Managed Detection & Response (MDR) Services

Recently, we sat down with Jeremiah Dewey, Rapid7’s VP of Managed Services, to chat about how MDR services strengthen traditional security products.…

Never miss a blog

Get the latest stories, expertise, and news about security today.