Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Vulnerability Management  

Your Guide to InsightVM’s RESTful API

A Security Automation-Focused API for Forward-Thinking Vulnerability Management Released in January of 2018, Rapid7 InsightVM’s API version 3—the RESTful API—was a highly anticipated, perhaps somewhat inconspicuous, addition to our vulnerability management solution. Introduced as a successor to previous API versions, the RESTful…

Azure Security Center and Active Directory Now Integrate with the Rapid7 Platform

Today, we announced continued, more comprehensive development of the integration between the Rapid7 Insight platform and Microsoft Azure. A new integration with Azure Security Center makes it easy to deploy the Rapid7 unified Insight Agent across new and existing Azure Virtual Machines. This automated deployment…

Customer Spotlight: Why Evercore Invests in InsightVM for Security Visibility and Reporting

Vulnerability management is a big deal to us at Evercore—not just for compliance reasons, but because we feel it’s the right thing to do. With complete visibility into our network using InsightVM, a cloud-based vulnerability management tool, we can find vulnerabilities on any…

Patch Tuesday - July 2018

This month's security updates from Microsoft address 50 separate vulnerabilities, including two fixes for Adobe Flash Player (APSB18-24). There are no 0-days this month, although three vulnerabilities had been publicly disclosed prior to the release: two privilege escalation vulnerabilities in Windows and a spoofing vulnerability…

Why Bow Valley College Gives Rapid7 InsightVM High Marks for Vulnerability Management

Bow Valley College uses InsightVM dashboards to identify quick wins, measure success, and communicate to senior leadership. James Cairns, database administrator at Bow Valley College, gave us a look into their vulnerability management journey with Rapid7. It’s my job to assess vulnerabilities, facilitate patching,…

Patch Tuesday - June 2018

This month's Patch Tuesday is rather run-of-the-mill, with a total of 50 vulnerabilities being addressed by Microsoft. However, a bit of excitement came earlier this month, with an out-of-band patch for Adobe Flash Player released last Thursday to fix four security issues. Two of these…

VPNFilter's Potential Reach — Malware Exposure in SMB/Consumer-grade Devices

(Many thanks to Rebekah Brown & Derek Abdine for their contributions to the post.) How does VPNFilter work? Over the past few weeks, Cisco’s Talos group has published some significant new research on a new malware family called VPNFilter. VPNFilter targets and compromises networking…

How to Streamline Your Vulnerability Remediation Workflows with InsightVM Projects

If you’re like many security practitioners, you spend a lot of time working with spreadsheets. Whether you’re trying to prioritize your findings or distribute work to remediation teams, an all-too-common workflow is to export this data into a spreadsheet to then be sorted,…

Patch Tuesday - May 2018

Microsoft has released patches that resolve over 60 separate vulnerabilities including an update for Flash Player that addresses a critical Remote Code Execution (RCE) vulnerability (CVE-2018-4944). As usual, the majority of fixes are browser-related, but Microsoft Office is also seeing its fair share this month.…

3 Steps to Clear the Fog: Improving Vulnerability Remediation Visibility with InsightVM

The moment you send a vulnerability report to your IT team, you want assurance that it’s being worked on—especially if there are critical vulnerabilities. You also want to be sure issues are prioritized in the right way so that deadlines are met. Often,…

CVE 100K: A Big, Round Number

There have been 100,000 CVEs published. That's a big, round number.…

CVE 100K: By The Numbers

There have been 100,000 CVEs published. Here are some stats on the program so far.…

Drupalgeddon Vulnerability: What is it? Are You Impacted?

First up: many thanks to Brent Cook, William Vu and Matt Hand for their massive assistance in both the Rapid7 research into “Drupalgeddon” and their contributions to this post. Background on the Drupalgeddon vulnerability The Drupalgeddon 2 vulnerability announcement came out in late March (2018-03-28…

Rapid7 InsightVM Named Best Vulnerability Management Solution by SC Magazine

SC Media has announced the 2018 SC Awards and (drumroll, please…) InsightVM is proud to take top honors as Best Vulnerability Management Solution in the Trust Awards category. Our team works tirelessly day in and day out to bring SecOps best practices to our customers,…

What is Modern Vulnerability Management?

Once upon a time (a few years ago) vulnerability management programs focused solely on servers, running quarterly scans that targeted only critical systems. But that was then, and you can no longer afford such a limited view in the now. To illustrate these changes in…