Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Recent Posts

How to Set Up Your Security Operations Center (SOC) for Success

Whether you’re looking to add coverage or are experiencing challenges with your existing security operations center (SOC), it's important to consider these factors before making a decision.…

Endpoint Agents Are Necessary for Today’s Modern Environment: Here’s Why (Part 2)

Rapid7's Insight agent can provide your organization with real-time, accurate results with the smallest possible footprint.…

Lessons and Takeaways from CTIA’s Recently Released IoT Security Certification Program

The CTIA recently announced a new cybersecurity certification program for cellular- and Wi-Fi-connected IoT devices. Here is my high-level overview of this program.…

How to Get Instant Insight into Your Log Data with Analytic Packs

Not sure what you should be looking for in your log data? Analytic Packs can help.…

Metasploit Wrapup

ssh_enumusers Gets An Update wvu integrated the malformed packet technique into the ssh_enumusers module originally written by kenkeiras. This module allows an attacker to guess the user accounts on an OpenSSH server on versions up to 7.7, allowing the module to work…

Enhancing IoT Security Through Research Partnerships

Securing IoT devices requires a proactive security approach to test both devices and the IoT product ecosystem. To accomplish this, consider setting up a research partnership.…

How Our Threat Intel Team Crafts Attacker Behavior Analytics

Threat Intel Lead Rebekah Brown discusses how the teams at Rapid7 create Attacker Behavior Analytics, and how that intel is infused into our solutions.…

Assess Containers During Software Builds with InsightVM

We recently released the InsightVM Container Assessment CI/CD Plugin. Built to work with Continuous Integration/Continuous Deployment (CI/CD) tools such as Jenkins, this plugin leverages InsightVM to assess containers during a software build.…

Endpoint Agents Are Necessary for Today’s Modern Environment: Here’s Why (Part 1)

Endpoint agents can help you integrate your siloed vulnerability management and incident detection and response programs and implement SecOps practices.…

Password Tips from a Pen Tester: Taking the Predictability Out of Common Password Patterns

Humans are predictable. As unique as we like to think we all are, our actions tend to be similar—and our choices when creating a password are no different.…

Rapid7 Quarterly Threat Report: 2018 Q2

Our latest Quarterly Threat Report is out, and 2018 has been keeping network defenders on their toes as malicious actors continue to find new ways to compromise networks alongside their tried-and-true types of cyber-attacks.…

CIS Critical Security Control 20: Measure Your Security Standing with Penetration Tests and Red Team Exercises

Protecting yourself from threats requires consistently asking yourself whether your security program is working as designed. Critical Control 20 covers pen tests and Red Team exercises.…

Metasploit Wrapup

We had a great time meeting everyone at the various Metasploit events at hacker summer camp last week, including two popup capture the flag events with Metasploitable3, the Open Source Security Meetup and selling Metasploit 0xf Anniversary Tour.…

Address the NAIC Insurance Data Security Model Law with Rapid7 Detection and Response

The NAIC Insurance Data Security Model Law suggests a modern approach to detecting and responding to threats. This post looks at a few interesting requirements and shares how we can partner with your team across people, process, and technology.…

Scan Management with InsightAppSec: There’s More to Application Security than Long Lists of Vulnerabilities

Knowing what you are scanning, how often, and with how much success is vital to knowing your vulnerability data is accurate, up-to-date, and reflects your security position. InsightAppSec can help.…

Featured Research

National Exposure Index 2018

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.

Learn More