Rapid7 Blog

Rapid7 Perspective  

FCC Repeals Net Neutrality: What Now?

This week, Rapid7 hosted an event with Massachusetts’ Edward J. Markey and a number of Boston’s technology and business leaders to protest the likely repeal of net neutrality. Our CEO, Corey Thomas, details Rapid7's position on the much-debated topic of net neutrality in this…

Attention Humans: The ROBOT Attack

What’s the ROBOT Attack? On the afternoon of December 12, researchers Hanno Böck, Juraj Somorovskym and Craig Young published a paper, website, testing tool, and CTF at robotattack.org detailing a padding oracle attack that affects the way cryptography is handled on secure websites.…

Standing with Massachusetts technology leaders in support of net neutrality

On Monday, Rapid7 will host Senator Edward J. Markey and a group of technology and business leaders from across Massachusetts as we stand in support of net neutrality. Together, we’ll affirm our commitment to a free and open internet that promotes growth and innovation…

5 Tips for a Cyber Holiday Season

Five tips on how to approach security this holiday season with family and friends…

Giving thanks for security improvements

We see a lot of bad news in security: hacks, attacks, breaches, bad choices—tiny flaws that lead to significant failures. As part of a community that’s naturally wary of wins, it can be a battle to remember how much progress we’ve made…

NCSAM Security Crash Diet, Week 2: Social and Travel

Rapid7 guinea pig 'Olivia' describes her efforts during week two of her security 'crash diet for National Cyber Security Awareness Month. This week focused on social sharing and travel security.…

Help! What’s going on?

Last month, we announced that we are evolving our community site, and we started directing our customers to two new resources: the Rapid7 blog and the Help site. We’ve heard that people like the new look and feel, but there has been some confusion…

NCSAM: A Personal Security Crash Diet

We're kicking of National Cyber Security Awareness Month by getting a Rapid7 employee to test out the practicality of common security advice. Follow along throughout October.…

Apache Struts S2-052 (CVE-2017-9805): What You Need To Know

Apache Struts, Again? What’s Going On? Yesterday’s Apache Struts vulnerability announcement describes an XML Deserialization issue in the popular Java framework for web applications. Deserialization of untrusted user input, also known as CWE-502, is a somewhat well-known vulnerability pattern, and I would expect…

2017 Cybersecurity Horoscopes

What does 2017 hold for cybersecurity? Our mystics have drawn cards, checked crystal balls, and cast runes to peer into the future. See what the signs have in store for you in the new year. Sage Corey Thomas, Rapid7 Gazing into the future of 2017,…

Why Security Assessments are Often not a True Reflection of Reality

Inmates running the asylum. The fox guarding the henhouse. You've no doubt heard these terms before. They're clever phrases that highlight how the wrong people are often in charge of things. It's convenient to think that the wrong people are running the show elsewhere but…

On the Recent DSL Modem Vulnerabilities

by Tod Beardsley and Bob Rudis What's Going On? Early in November, a vulnerability was disclosed affecting Zyxel DSL modems, which are rebranded and distributed to many DSL broadband customers across Europe. Approximately 19 days later, this vulnerability was leveraged in widespread attacks across the…

Opportunity Now Means Success Later: Q&A with Rapid7 Sales

This post is a Q&A with John O'Donnell, Director of Sales at Rapid7. For more information about career opportunities with Rapid7, visit https://www.rapid7.com/company/careers.jsp. Q: What separates Rapid7 from other security or software companies in the area? A:…

Conflicting perspectives on the TLS 1.3 Draft

In the security industry, as in much of life, a problem we often face is that of balance. We are challenged with finding the balance between an organization's operational needs and the level of security that can be implemented. In many situations an acceptable, if…

Who Are Your Heroes, and Why?

For those that don't know me, I'm Corey Thomas, the CEO of Rapid7, which I consider to be a position of privilege given the extraordinary group of colleagues, customers, and partners I get to work with. I am very passionate about the security community and…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Podcast

Security Nation

Security Nation is a podcast dedicated to covering all things infosec – from what's making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty has been knee–deep in the security sector for nearly two decades. At Rapid7 he leads a solutions-focused team with the mission of helping security professionals do their jobs.

Listen Now