Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Recent Posts

SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know

On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform.…

Metasploit Wrap-Up

This week's wrap-up covers five new modules (including scanner, execution, and disclosure modules), some good fixes and enhancements, and more!…

InsightVM Now Integrates With Snyk for Deep Visibility Into Container Vulnerabilities

We're excited to announce that InsightVM now integrates with Synk for deep visibility into container vulnerabilities.…

NICER Protocol Deep Dive: Internet Exposure of etcd

In the latest edition of our NICER Protocol Deep Dive blog series, we break down the internet exposure of etcd.…

New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility

When speaking with customers, we continue to hear that they are looking for more visibility into their vulnerability risk management activities.…

Patch Tuesday - December 2020

We close off our 2020 year of Patch Tuesdays with 58 vulnerabilities being addressed. While it's a higher count than our typical December months (high thirties), it's still a nice breath of fresh air given how the past year has been. We do, however, get…

2020 Under the Hoodie Report Reveals Pen Testers’ Most-Loved Vulnerabilities

Understanding the vulnerabilities that pen testers rely on will help you make sure your organization is prepared to patch particular vulnerabilities.…

Congrats to the winners of the 2020 December Metasploit community CTF

Thank you all that participated in the 2020 December Metasploit community CTF! The four day CTF was well received by the community, with 874 teams and 1903 users registered! We’ve included the high-level stats and the competition winners below. If you played the CTF…

NICER Protocol Deep Dive: Internet Exposure of memcached

In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of memcached.…

Metasploit Wrap-Up

It's CTF week(end)! Plus, steal files from Apache Tomcat servers thanks to a new Ghostcat exploit, and dump process memory with a new post module that leverages Avast AV's built-in AvDump utility.…

How to Create an OS-Based Policy Scanning Workflow in InsightVM

In this blog, we provide a step-by-step walkthrough of how to create an OS-based policy scanning workflow in InsightVM.…

Rapid7’s InsightIDR Introduces Integration with Cybereason

As InsightIDR continues to help teams save time and drive more effective detection and response, we’re excited to announce that customers can now integrate with Cybereason…

Threat and Vulnerability Management Best Practices

In this blog post, we provide a high-level overview of vulnerability management and why it’s critical for modern businesses.…

Rapid7 Recognized as a Strong Performer Among Security Analytics Providers by Leading Industry Report

We are thrilled to share that Rapid7 has been recognized as a Strong Performer in The Forrester Wave™: Security Analytics Platforms, Q4 2020.…

NICER Protocol Deep Dive: Internet Exposure of Redis

In the latest installment of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of Redis.…

Never miss a blog

Get the latest stories, expertise, and news about security today.