Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Recent Posts

Talking the Origins of THOTCON with Founder Nick Percoco

In a recent episode of Security Nation, we sat down with THOTCON founder Nick Percoco to discuss the Chicago-based security conference.…

How to Secure Containers, Applications, and Serverless Environments

In the final post of our four-part series on security in the cloud, we explain how to secure containers, applications, and serverless environments.…

Metasploit Wrap-Up

Gift exchange If you're looking for remote code execution against Microsoft Exchange, Spencer McIntyre crafted up a cool new module targeting a .NET serialization vulnerability in the Exchange Control Panel (ECP) web page. Vulnerable versions of Exchange don't randomize keys on a per-installation basis, resulting…

How InsightConnect Customer Hilltop Holdings Benefits from Strategic SOAR Workflows

We spoke with Michael Cochran, a security analyst for Hilltop Holdings, about his experience using InsightConnect and the time his organization has saved.…

Lessons Learned from an Unlikely Path to My OSCP Certification

In this blog, our own Patrick Laverty discusses lessons learned from his path to a Offensive Security Certified Professional (OSCP) certification.…

Rapid7 2020 Threat Report: Exposing Common Attacker Trends

In this blog, we break-down the three key sections of the newly-released Rapid7 2020 Threat Report.…

How We Used Data Science Magic to Predict Key RSA 2020 Themes and Takeaways

As our team discussed our traditional RSA round-up blog, we started to wonder how easy it would be to predict those key themes before the conference even kicked off.…

Metasploit Wrap-Up

Android Binder UAF, OpenNetAdmin RCE, and a slew of improvements, including colorized HttpTrace output and a better debugging experience for developers.…

How to Improve Vulnerability Patching Efficiency through Automation

In this blog, we discuss how automation can improve your security team's patching efficiency.…

How to Define Business Value for Security Programs

Today, we're evaluating the categorization of Detection and Response program outcomes and Attack Surface Management outcomes uncovered by Rapid7's UX team.…

How MDR SOC Customer Tony Hamil Leverages the Automation of InsightConnect

Recently, Tony Hamil spoke with us about how InsightConnect, Rapid7’s SOAR solution, enhances and goes beyond the capabilities of the MDR SOC.…

Welcome to Rapid7's Extension Forum

Rapid7 is excited to announce the launch of Rapid7 Discuss, a forum intended to serve as a home for analysts, developers, and security practitioners alike.…

Securing Cloud-Native Apps Requires Partnership

To further our commitment to extend the influence of security teams into development, Rapid7 is excited to announce our partnership with Snyk.…

Rapid7 Named 2019 Global SOAR Company of the Year by Frost & Sullivan

We are thrilled to announce that Frost & Sullivan has named Rapid7 as the Global SOAR Company of the Year after analyzing InsightConnect.…