Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Vulnerability Management  

Patch Tuesday - December 2018

It's the last Patch Tuesday of 2018! As is often the case in December, it's a relatively light one with "only" 38 CVEs. (Every other month in 2018 clocked in with at least 50 patched vulnerabilities.) This is in addition to the two…

Did You Remediate That? New InsightVM Executive Report Provides Key Details on Team Progress

We have developed the InsightVM Executive Report so that companies can easily report on month-over-month trends in their vulnerability management programs.…

Patch Tuesday - November 2018

Microsoft's patches this month address over 60 vulnerabilities. Just like last month, another zero-day privilege escalation vulnerability in Win32k has been patched. CVE-2018-8589 has been seen exploited in the wild, and allows a logged-in attacker to execute arbitrary code in the security context of a…

Rapid7 Wins Frost & Sullivan 2018 Global Vulnerability Management Market Leadership Award

We’re thrilled to announce that Rapid7 InsightVM was selected as the market leader in vulnerability management by Frost & Sullivan.…

Whiteboard Wednesday: Common Vulnerabilities as Personified by Halloween Costumes

As a security professional, you don’t need a haunted house to feel spooked this Halloween—just start exploring your environment in search of vulnerabilities.…

How to Use InsightVM’s Goals & SLAs Feature to Define Important Metrics and Optimize Your Security Operations

Rapid7 InsightVM’s new Goals & SLAs feature helps security teams define relevant and meaningful metrics so they’re able to set goals against them, track individual and team progress, and receive alerts when goals are achieved or missed.…

Rapid7 Leads All 'Strong Performers' in 2018 Forrester Wave for Emerging MSSPs

We’re proud to be recognized in the Forrester Wave as the leader in the “Strong Performer” category and to score second highest overall current offering for our Managed Security Services.…

Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk

Here is a first-hand look at how we quantify the Real Risk Score and how this helps practitioners address the top vulnerabilities in their ecosystems.…

Take a Bite out of the Vulnerability Remediation Backlog with InsightVM

Security teams dealing with expanding networks and increasingly sophisticated attacks can use InsightVM to help stay on top of their vulnerability backlog.…

Patch Tuesday - October 2018

This month's patches from Microsoft include fixes for 50 distinct vulnerabilities.…

Automate to Accelerate: Introducing Security Orchestration and Automation on the Rapid7 Insight Platform

Rapid7 is proud to officially announce orchestration and automation on our Insight platform, with automation taking shape in a number of existing products and our new SOAR offering, Rapid7 InsightConnect.…

How to Identify and Prioritize Gaps with the Cybersecurity Maturity Assessment, Post-2018 'Under the Hoodie'

At Rapid7, we believe that cybersecurity within a company is not just a function with many stakeholders, but rather a shared responsibility among all employees, regardless of role.…

Patch Tuesday - September 2018

More than 60 vulnerabilities were addressed by this month's patches, including CVE-2018-15967 (a privilege escalation/information disclosure vulnerability in Adobe Flash Player).…

Scan Management with InsightAppSec: There’s More to Application Security than Long Lists of Vulnerabilities

Knowing what you are scanning, how often, and with how much success is vital to knowing your vulnerability data is accurate, up-to-date, and reflects your security position. InsightAppSec can help.…

Patch Tuesday - August 2018

Microsoft's updates this month address over 60 vulnerabilities, 20 of which are classified as Critical. As usual, most of this month's fixes are browser-related, and nearly half of the flaws could lead to remote code execution (RCE). Patches for Exchange, SQL Server, and Microsoft Office…