Rapid7 Blog

Vulnerability Management  

Patch Tuesday - April 2018

Over 70 vulnerabilities have been fixed this month, including 6 in Adobe Flash (APSB18-08). At a high level, there's nothing too out of the ordinary. Unfortunately, that means the majority of the patched vulnerabilities are once again of the worst variety: Remote Code Execution (RCE)…

Where the sidewalk ends, extend!

Back in the day, I had the pleasure of working in an environment that made heavy use of mainframes. These hulking beasts of yesteryear were workhorses, toting VSAM files hither and thither. One of the treats of the day was the abend. For the uninitiated,…

Cisco Smart Install (SMI) Remote Code Execution: What You Need To Know

What’s Up? Researchers from Embedi discovered (and responsibly disclosed) a stack-based buffer overflow weakness in Cisco Smart Install Client code which causes the devices to be susceptible to arbitrary remote code execution without authentication. Cisco Smart Install (SMI) is a “plug-and-play” configuration and image-management…

Rapid7 Named a Leader in Forrester Wave for Vulnerability Risk Management

Today, we’re excited to announce a major milestone for InsightVM: Recognition as a Leader in The Forrester Wave™: Vulnerability Risk Management, Q1 2018, earning top scores in both the Current Offering and Strategy categories. We are proud of the achievement not only because of…

Patch Tuesday - March 2018

There are a lot of fixes this month: Microsoft's updates include patches for 76 separate vulnerabilities, including two critical Adobe Flash Player remote code execution (RCE) vulnerabilities. In fact all of this month's critical vulnerabilities are browser-related. This is not surprising considering web browsers are…

AWS Asset Sync Connection: More Visibility into your AWS Infrastructure

We recently announced the release of an updated AWS discovery connection for our vulnerability management solutions, Nexpose and InsightVM. This new connection is more efficient and works to the user’s advantage; to do this, it leverages a different workflow than the old connection does.…

An Impressively Unprecedented Drop in Open memcached Services

(Many thanks to Jon Hart and Tom Sellers for their research and content for this blog post.) We started performing weekly monitoring of open/amplification-vulnerable memcached servers after the recent memcrashed amplification distributed denial-of-service (DDoS) attack and today we have some truly awesome news to…

CIS Critical Control 9: Limitation and Control of Ports, Protocols, and Services

This is a continuation of our CIS Critical Control Series blog series. Need help addressing these controls? See why SANS listed Rapid7 as the top solution provider addressing the CIS top 20 controls. If you’ve ever driven on a major metropolitan highway system, you’…

Patch Tuesday - February 2018

It's a run-of-the-mill month as far as Patch Tuesdays go. Even so, 50 individual CVEs have been fixed by Microsoft, most of which (34) are rated "Important". As usual, most of the 14 considered "Critical" are web browser vulnerabilities that could…

Vulnerability Management Year in Review, Part 3: Remediate

The wide impact of the Petya-like ransomware in 2017, mere weeks after WannaCry exploited many of the same vulnerabilities, illustrated the challenge that enterprises have with remediating even major headline-grabbing vulnerabilities, let alone the many vulnerabilities that don’t get news coverage. To this end,…

Incorporating Automated Actions Into Your Vulnerability Management Process

In today’s security climate, we all want to know that our data is as current as possible. Often, customers will increase their vulnerability scanning frequency to weekly or even daily to meet the needs of an ever-changing environment. However, this requires a lot of…

A RESTful API for InsightVM

With 2017 firmly in the rear-view mirror, we peer forward into 2018 and thanks to genre-bending vulnerabilities like Meltdown and Spectre the future would seem a bit blurry. Louis Pasteur is attributed with the quote: “Chance favors the prepared mind.” Pasteur’s work precedes information…

3 Questions to Ask When Prioritizing Web Application Vulnerabilities

Dynamic application security testing (DAST) often results in a constantly evolving list of security vulnerabilities. When scanning a web application in production or in an active testing environment, issues can crop up as quickly as changes happen within the app. And when exposed to the…

The 4 Big Differences Between Network Security and Web Application Security

Tomato, tomato, potato, potato, network security and web application security. Two things that may seem similar, they are actually quite different. Network security (also known as vulnerability assessment or vulnerability management) has been around for quite some time and is something most security practitioners today…

Patch Tuesday - January 2018

The first Microsoft patches of 2018 came early, with new updates released late Wednesday, January 3rd. Although this was due to the (somewhat) coordinated disclosure of the Meltdown and Spectre vulnerabilities, last week’s updates also contained fixes for 33 additional CVEs. These days, Microsoft…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.

Learn More