Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Vulnerability Management  

Automating the Cloud: AWS Security Done Efficiently

Today, we are going to be installing software on all your existing EC2 instances across several (or all!) accounts under an organization in AWS.…

Patch Tuesday - August 2019

First off, the big news for today's Patch Tuesday: Microsoft has fixed four new Remote Desktop Services (RDS) vulnerabilities, reminiscent of the BlueKeep vulnerability (CVE-2019-0708) that was patched last May. CVE-2019-1181 and CVE-2019-1182 both affect all supported versions of Windows, and can be exploited without…

August 2019 Microsoft Remote Desktop Services (RDP) Patches: What You Need to Know

A new set of vulnerabilities in RDP impact every modern version of Windows. Here's what you need to know.…

BlueKeep Exploits May Be Coming: Our Observations and Recommendations

Rapid7 Labs has observed a significant uptick in malicious RDP activity since the release of CVE-2019-0708 (aka “BlueKeep”).…

Do You Have Containers in Your Environment? Using Container Discovery to Be Sure

In this post, we'll show you how you can use the container security features in InsightVM to find out whether you have containers you didn't know about.…

[Research] Under the Hoodie, 2019 Edition: Lessons Learned from 180 Penetration Tests

Our 2019 Under the Hoodie report covers the measurable results of about 180 penetration tests conducted by Rapid7. Find out what we learned.…

So, You Think You Can Query?

In this blog, we are going to explore the basics of how to make queries in our cloud-based vulnerability management solution, InsightVM.…

Patch Tuesday - July 2019

Patch Tuesday for July 2019 is on the heavier side as far as they go, with Microsoft fixing 77 vulnerabilities in total. Microsoft also published an advisory describing a cross-site scripting vulnerability in the on-premise edition of Outlook for web (previously known as Outlook Web…

New Container Security Assessment Features Added to InsightVM

We are excited to release two new features to improve the flexibility of our container assessment capabilities: our new Container Registry Sync App and Container Image Scanner for InsightVM.…

How Rapid7’s AWS Security Hub Integrations Increase Cloud Visibility and Automate Security Operations

As part of our ongoing commitment to support customers using Amazon Web Services (AWS), Rapid7 announces integrations with the AWS Security Hub for vulnerability management and SOAR solutions.…

Rapid7 Releases Cloud Configuration Assessment Capabilities in InsightVM

Rapid7 is pleased to announce that we have released new Cloud Configuration Assessment capabilities in our InsightVM vulnerability management solution.…

Blocking User Access to Vulnerable Assets with CyberArk and InsightVM

With InsightVM's new integration with the CyberArk Privileged Access Security Solution, user access to vulnerable assets can be automatically restricted until the issue is eliminated.…

Attack Surface Monitoring with Project Sonar

Attack Surface Monitoring with Project Sonar can help you reduce and monitor your attack surface.…

Patch Tuesday - June 2019

Nearing the halfway point of 2019, today's Patch Tuesday sees Microsoft fix 88 vulnerabilities, the highest count so far this year. Nothing this month seems "wormable" like the BlueKeep vulnerability patched in May, and none of them have been seen exploited in the…