Threat Exposure Management
Reduce Your Risk of a BreachManage your risk by identifying where you are vulnerable to an attack. Systematically reduce your exposure, based on threats and priorities to your organization.
Incident Detection & Response
Find the Attacks You’re MissingFrom the endpoint to the cloud, quickly find intruders, trace their tracks, and stop the breach before the damage is done.
Security Advisory Services
Accelerate Security ImprovementIncrease confidence in your security with access to trusted security expertise, data-driven analysis and industry knowledge. Let us help you build a roadmap for your IT security needs.
Streamline and automate your compliance requirements and improve your security posture with Rapid7 security compliance solutions.
Learn more about the security challenges in your industry and how Rapid7's information security solutions can help.
- Threat Exposure Management
Software & Services
Perform effective vulnerability management to combat today's threats.
Test your defenses more efficiently with Metasploit.
Detect compromised credentials and investigate incidents to stop attacks — fast.
Rapid7 has skilled resources ready to help you whether you need deployment and training for Rapid7 products or security assessment services, such as penetration testing.
Product Training & Certification
Get the most out of your Rapid7 products and services.
- Community & Blog
Get started with our free security tools today, see where you are at risk.
- Videos & Media
- Papers & Guides
Search all of our resources.
Meet our Executive Leadership Team and Board of Directors.
Our partners are an important part of our network. They extend the value of our solutions and gain a strategic advantage in their own businesses. Together, we work to ensure customer success.
We're proud to have gained the confidence and backing of market-leading venture capital firms.
Rapid7’s mission is to develop simple, innovative solutions for security’s complex challenges. We understand the attacker better than anyone and build that insight into our security software and services.
Community is important to us. Whether it's the security, open source or local community, we want to help make it stronger. Here are some of the ways that we get involved, support and give back.
What’s happening now — from press and news to industry awards.
We look forward to discussing information security with you face-to-face. Meet us at an event to learn more about Rapid7 and our solutions.
In the News
Should You Disable Java on Your Computer?
Predictions: Securing, Protecting the Internet of Things
How to handle Target's data breach
Dear Gmailer: I know what you read last summer (and last night and today)
Zero-Day Fixes From Adobe, Microsoft
5 Protocols That Should Be Closely Watched
Cupid Concedes January Hack, 42 Million Passwords Stolen
Despite patches, Supermicro's IPMI firmware far from secure, researchers say
Seven IPMI Firmware Zero Days Disclosed
Spike in traffic with TCP source port zero has some researchers worried
Nightmare on PWN Street Infographic
Open-source software projects need to improve vulnerability handling practices, researchers say
Project Sonar: Security Testers Of A New Kind
Raising awareness quickly: Avoiding problems in the cloud
Raising awareness quickly: A look at basic password hygiene
Internet of Things Could Bring On Attack of the Killer Toaster Botnet
Patch Tuesday October: The Big Internet Explorer Fix Is Finally Here
Internet Explorer exploit release could trigger a surge in attacks
Rapid7: Web security getting worse, not better
IE zero-day actively being exploited in the wild: Rapid7
Security org raises Internet threat level after seeing expanded IE attacks
Hackers eager to crack fingerprint scanner on iPhone 5S
Study: Enterprises Fail To Test End User Awareness Training, Password Policies
How secure is Apple iPhone's Touch ID?
Social engineering and phishing attacks are getting smarter, but are employers?
The greatest mobile threats (and Android malware isn't one of them)
New Java feature aims to manage multiple version problems
iPhone 5S: Fanbois, your prints are safe from the NSA, claim infosec bods
4 Mobile Device Dangers That Are More Of A Threat Than Malware
Microsoft delivers 13 patches for 47 flaws, including critical Outlook bug
Tackling Enterprise Threats From The Internet Of Things
How registrar locks can stop spear phishing
Q&A: HD Moore drills down on aftermath of NY Times hack
Unpatched Mac bug gives attackers “super user” status by going back in time
Hackers Target G20 Summit, Researchers Say
APT Groups Using G20 Summit as Lure in Targeted Attacks
Chinese Military Suspected in Cyberattacks on G20
How to Prepare for (and Ace) the Technical Interview
Group behind attack on New York Times linked to G20 phishing attack
Products of the week 8.26.13
3 Inconvenient Truths About Big Data In Security Analysis
Data Triage For The Boston Bombing: How Beth Israel Deaconess Protected Patient Records From Hackers, Journalists, And Curious Doctors
Rapid7 Opens UNITED 2013 Security Summit
Rapid7 Unveils New Security Products to Improve Visibility, Control
Rapid7 to offer new tools for risk management, performance tracking
IPMI: The most dangerous protocol you've never heard of
“Bloodsucking leech” puts 100,000 servers at risk of potent attacks
XP's retirement will be hacker heaven
BYOD Gives Vulnerable Devices Corporate Network Access
Maltego Gets More 'Teeth'
Top Ten Scariest Things We Saw At Black Hat
SecureNinjaTV Blackhat 2013 Giri Sreenivas - Rapid7 Mobilisafe
SecureNinjaTV Blackhat 2013 Tod Beardsley - Metasploit 10th Anniversary
Threat of the month: Mobile malware
Rapid7 adds 200 customers in Q2
Samsung's potential government deal signals new era for mobile security
Executive Profile - Corey Thomas of Rapid7
Android mega flaw fixed but phones remain vulnerable
Products of the week 7.15.13
Wearable Computing Poses Opportunity, Challenges
Internet-Wide Scan Finds Hundreds of Thousands of Ready-Made Backdoors
New Gaping Security Holes Found Exposing Servers
US-CERT Warns Of Default Password Risks
Microsoft's $100k hacker bounty sounds great but has a lot of loopholes
Researchers: New backdoor malware 'KeyBoy' used in targeted attacks in Asia
Oracle Addresses Java's Symptoms, But Doesn't Cure Sickness
Global Cyberattack Hits 350 Victims, 40 Countries
Oracle Vows Better Java Security
Researchers find Java users woefully tardy on patching
Ruby On Rails Under Attack
DHS Warns Employees of Potential Breach Of Private Data
Irrational' hackers are growing U.S. security fear
Cybersecurity Starts in High School with Tomorrow's Hires
Busy Rapid7 Updates Vulnerability Management, Pen-testing and Mobile Risk Offerings
Apple, Samsung Devices Seen Raising Pentagon's Cyber Risk
IE Is Focus of Microsoft's May Patch Tuesday
Cyber Compliance: Hiring a Cybersecurity IT Firm for Rookies
Thieves drain $45M from ATMs in hour
Metasploit Module Released For IE Zero-Day Flaw Used In Labor Attack
BBJ names 2013's Best Places to Work in Massachusetts
LivingSocial Says Cyberattack Puts Data Of 50 Million Customers At Risk
LivingSocial Password Breach Affects 50 Million Accounts
Protecting Twitter passwords
New Tech Lets Hackers Break Into Old Devices
Vulnerable terminal servers could let bad guys hack stoplights, gas pumps
Social engineering in penetration tests: 6 tips for ethical (and legal) use
Use your personal smartphone for work email? Your company might take it
Researcher's Serial Port Scans Find More Than 100,000 Hackable Devices, Including Traffic Lights And Fuel Pumps
Products of the week 4.15.13
Oracle Addresses 128 Vulnerabilities in Massive Critical Patch Update (CPU)
Making Enterprise Penetration Testing Less Mysterious
Linksys Wireless Router Full of Flaws, Researcher Says
Shodan: The scariest search engine on the Internet
Microsoft to release 9 advisories on Tuesday
Cloud Security Configurations: Who is responsible?
Threat of the Month: Universal Plug and Play Vulnerabilities
CIOs 'Playing Catch-Up' in the Cloud
Many Amazon S3 cloud storage users are exposing sensitive company secrets, claims report
How Private Data Became Public on Amazon's Cloud
10 Perks Your Small Business Can Afford
Q&A: Apple hustles to fix iPhone security flaws
Who Is Behind the Cyberattacks on South Korea?
Android, iOS bugs expose phones to voyeurs, data thieves
Security Researcher Built Sketchy 420k Node Botnet to Conduct "Internet Census"
Exposed Devices Used as Botnet to Scan Internet
Metasploit Module Released for Patched Honeywell ICS Vulnerability
Sharpening Endpoint Security
RSA 2013: Outdated Software Biggest Internet Security Threat
Java's latest security problems: New flaw identified, old one attacked
Hackers have been 'let off the leash' by Chinese government
13 IT security myths debunked
Obama Cybersecurity Executive Order A First Step, But More Is Needed, Some Say
Mobile malware still small, but 'malnets' to rise up
Microsoft to Quash 57 Vulnerabilities in February
UPnP-Sicherheitslücke: Testen Sie jetzt Ihren Router!
UPnP scan shows 50 million network devices open to packet attack
Millionen Geräte über Netzwerk-Protokoll UPnP angreifbar
Netzwerkprotokoll: Experten warnen vor großen Sicherheitslücken
Des PC, imprimantes ou TV connectées vulnérables par Internet
U.S. government warns of hack threat to network gear
More Than A Dozen Brands Of Security Camera Systems Vulnerable To Hacker Hijacking
China or Russia Could Be Behind This Global Online Espionage Operation
'Red October' is latest super cyberspy virus, firm says
No, Seriously, Just Disable Java in Your Browser Right Now
Oracle Patches Java Vulnerability
U.S. says Java still risky, even after security update
Oracle updates Java, security experts say bugs remain
LinkedIn becoming tool of choice for job recruiters
Forget Oracle's Latest Java Patch. Just Kill The Program In Your Browser For Good
Madware ads plague Android users
Nasty New Java Zero Day Found; Exploit Kits Already Have It
Is Iran Behind a Wave of Cyberattacks Against U.S. Banks?
Sites Built With Ruby on Rails Suffer New Vulnerability
Extremely critical Ruby on Rails bug threatens more than 200,000 sites
Security for personal mobile devices for work tightens
PayPal, Wells Fargo Among Most-Spoofed Sites During Holidays