Rapid7 Blog

Virtual Infrastructure  

Modern Network Coverage and Container Security in InsightVM

For a long time, the concept of “infrastructure” remained relatively unchanged: Firewalls, routers, servers, desktops, and so on make up the majority of your network. Yet over the last few years, the tides have begun to shift. Virtualization is now ubiquitous, giving employees…

Software defined security made real

This week were headed for VMworld 2014 in San Fransisco and we're excited to be talking about how Rapid7 is partnering with industry leaders like Symantec, Palo Alto Networks, and of course VMware to build out the VMware NSX security ecosystem. Together we've created an…

Real-time Protection from Nexpose & VMware NSX

One of Nexpose's core promises, is that we will give you actionable visibility into your physical, cloud, and virtual environments to help you identify what assets are on your network, and what are the most critical security risks to remediate. As a part of supporting…

Weekly Update: Meterpreter Updates, VMWare, the OSX spycam, Retabbing, and more!

Meterpreter UpdatesThis is a big week for Meterpreter. For starters, we've landed a new Meterpreter Python payload. Yes, yes, I know, you thought that Metasploit was all Ruby all the time, but this and the Python payloads for bind shells from Spencer McIntyre should help…

Fun With VMware Utilities: vmware_mount Exploit (CVE-2013-1662)

On August 22, Tavis Ormandy dropped a bug in VMWare that takes advantage of a build configuration in Linux distributions. Providing you have user-level access to a Debian or Ubuntu box with VMWare installed, this exploit gives you root access. It's a fun bug and…

VMworldTV Meets the Team Behind Rapid7

Earlier this week, I blogged that Rapid7 is part of VMware NSX ecosystem and gave you an overview of the solution we are working on together with VMware.Check out the below interview with VMworldTV to learn more. Lee Weiner, SVP, Products & Engineering at…

Rapid7 part of VMware NSX Partner ecosystem

We're very excited that VMware is showcasing Rapid7 as an official VMware NSX Partner at VMworld 2013 this week, demonstrating how we provide best-in-class vulnerability management for virtual networks.Rapid7 has been a longtime partner with VMware.  In 2011, we introduced our vAsset discovery…

Free Metasploit Penetration Testing Lab In The Cloud

No matter whether you're taking your first steps with Metasploit or if you're already a pro, you need to practice, practice, practice your skillz. Setting up a penetration testing lab can be time-consuming and expensive (unless you have the hardware already), so I was very…

Getting the Most from Customizable CSV Exports - Part 6

Hi, my name is Eden Martinez, and I'm a Federal Sales Engineer with Rapid7. Larger environments often list scalability as one of their top problems; specifically, too much data. With current tools, it's not hard to generate large data sets. Most tools are comprehensive with…

Automating Nexpose Discovery Connections through the Java API

Nexpose has long offered APIs allowing for automated workflow operations. The following examples are intended to help Nexpose users automate the discovery mechanisms feature through the API. The following code shows how to leverage the Java API client to create, list, update and delete discovery…

Testing the Security of Virtual Data Centers

If you are doing security assessments, you are probably running into virtual servers every day. According to analyst firm Gartner, 80% of companies now have a virtualization project or program. With the recent 4.2 release of Metasploit, your next penetration test should be much…

Nexpose 5.0 Release

Today we released the latest version of Nexpose. This is a great release for those of you who are working in virtual environments as it adds dynamic virtual asset tracking, allows you to track configuration policy scans, and even introduces a new look and feel…

Virtualization - Introduces New Security Gaps

This is my first blog as a Rapid7 employee.  I started in July of this year as a product manager, and my first project is helping a team build a new discovery method for Nexpose.  Virtualization has been around since the 1960s, even…

The Next Security Frontier: Virtualization

Most pundits agree that virtualization is taking the industry by storm. Leading analyst group IDC is projecting that more than 70% of all server workloads installed on new shipments are expected to reside in a virtual machine by 2014. With organizations lining up left and…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Podcast

Security Nation

Security Nation is a podcast dedicated to covering all things infosec – from what's making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty has been knee–deep in the security sector for nearly two decades. At Rapid7 he leads a solutions-focused team with the mission of helping security professionals do their jobs.

Listen Now