Rapid7 Blog

Logentries  

R7-2017-18: Logentries Windows Agent uses vulnerable OpenSSL (FIXED)

Summary The Logentries Windows Agent before version 2.6.0.1 shipped with a version of OpenSSL that is susceptible to several public vulnerabilities described below. While we have no indication that any Logentries customers have been compromised due to these older versions of OpenSSL,…

Network Administrator’s Guide to Surviving an Audit: During the Audit

Last time we talked about how to prepare for an audit. In this installment we’ll cover what to do once the audit begins. Let’s assume that you’re pretty well prepared. You’ve done your homework and know pretty much what to expect.…

Logging in a Software Defined Network

Background This blog will give an overview of Software Defined Networks (SDN), present some suggestions for logging in an SDN and finally present an overview of some research work we are doing on SDN logging. If we consider a Software Defined Network (SDN) paradigm is…

Habits that Pay Off for Programmers

I would like to clarify something immediately with this post.  Its title does not contain the number 7, nor does it talk about effectiveness.  That was intentional.  I have no interest in trying to piggy-back on Stephen Covey’s book title to earn clicks, which…

Legacy apps in the data center, today's apps in the cloud

Have you found that your organization is developing new applications that are cloud-based, but unable to move away from some established legacy systems? You aren’t alone. This legacy/cloud hybrid environment is far more common than you would expect. And when you look at…

Network Administrator’s Guide to Surviving an Audit: Preparation

Sooner or later, your organization will likely be the subject of an IT audit. But as ominous as that sounds, it doesn’t have to be something to dread. If you’re a network administrator, you’ll have a specific role in an audit. Since…

Log Analysis for System Troubleshooting

Systems of all kinds create log data constantly and voluminously. In searching out the most compelling reasons to dig into and analyze such data, we compiled a list of seven reasons that usually drive such activity. In this blog post we tackle the first of…

Logging for Fun: Things You'd Never Thought to Log

I work as a consultant in the software industry.  This work affords me the opportunity to see and interact with many different teams and thus to observe prevailing trends.  Among these teams, the attitude toward logging tends to be one of resigned diligence. That is,…

Roots and Culture: Logging and the Telephone Bill

Telephone systems were the Internet before there was an Internet. Think about it. By 1920 millions of people were exchanging data on a worldwide network using a device that connected on demand. Sounds like the Internet to me. But unlike the current day Internet, the…

Never type a search query again!

Introducing Visual Search In our never-ending effort to help you wrangle your infrastructure, we are constantly improving and adding new functionality to Logentries.  In that spirit, today we are happy to announce Visual Search. Visual Search is truly a one of a kind feature, it…

Finalists in FIVE categories at the Network Computing Awards!

Ring Ring! You're in the Final! It's always nice to get a phone call letting us know that we've been shortlisted for awards – but when it's five awards, we like those calls even more! Two of our products, and our company have reached the final…

5 Rules of Pair Programming Etiquette

I like Pair Programming. I’ve been doing it episodically for about 10 years. Whenever I’ve pair programmed, at the end of a session, I’ve always walked away a better developer than when I started. However, the practice can be expensive when the…

3 Predictions for Development in the Age of Serverless Computing

Probably the biggest change that has happened in my lifetime of programming is the transformation from  creating code that is meant to run on known, tangible hardware to making code that runs on the Cloud. We’ve gone from server based computing to the serverless…

Java 8 - Lazy argument evaluation

Overview “I will always choose a lazy person to do a difficult job. Because he will find an easy way to do it” – Bill Gates Lazy evaluation is an evaluation strategy which delays the evaluation of an expression until its value is needed. The opposite…

12 Days of HaXmas: The Gift of Endpoint Visibility and Log Analytics

Merry HaXmas to you! Each year we mark the 12 Days of HaXmas with 12 blog posts on hacking-related topics and roundups from the year. This year, we're highlighting some of the “gifts” we want to give back to the community. And while these gifts…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Podcast

Security Nation

Security Nation is a podcast dedicated to covering all things infosec – from what's making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty has been knee–deep in the security sector for nearly two decades. At Rapid7 he leads a solutions-focused team with the mission of helping security professionals do their jobs.

Listen Now