Posts by Tod Beardsley

6 min Industry Cyber-Exposure Report (ICER)

Rapid7's 2021 ICER Takeaways: Version Complexity Among the Fortune 500

Complexity is the enemy to successful security outcomes. To get a feel for how well-resourced organizations perform in this area, we looked at 3 factors.

1 min Industry Cyber-Exposure Report (ICER)

Rapid7 Releases New Industry Cyber-Exposure Report (ICER): ASX 200

Today, we are excited to release the third report in our Industry Cyber-Exposure Report (ICER) series, which digs into cyber-exposure among organizations in Australia’s ASX 200.

4 min Industry Cyber-Exposure Report (ICER)

Rapid7's 2021 ICER Takeaways: Web Security Among the Fortune 500

There are very few security measures that should be applied to all web applications across the board without further subdividing what specific type of application we are referring to. However, there are a couple that we will examine here.

4 min Industry Cyber-Exposure Report (ICER)

Rapid7's 2021 ICER Takeaways: Email Security Among the Fortune 500

We all know and love—or at least begrudgingly rely upon—email. It is a pillar of modern communications, but is unfortunately also highly susceptible to being leveraged as a mechanism for malicious actions, such as spoofing or phishing.

1 min Research

Rapid7 Releases New Industry Cyber-Exposure Report (ICER): FTSE 350

We are excited to release the second report in our Industry Cyber-Exposure Report (ICER) series, which digs into cyber-exposure among organizations in the U.K.’s FTSE 350.

3 min Vulnerability Disclosure

CVE-2021-26908 and CVE-2021-26909: Automox Agent Information Disclosure (FIXED)

Rapid7 researcher Danny Jordan discovered two vulnerabilities in the Automox Agent for Windows and macOS.

2 min Research

Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Fortune 500

Today, Rapid7 just released the first in our all-new Industry Cyber-Exposure Report (ICER) series.

4 min Vulnerability Disclosure

CVE-2021-22652: Advantech iView Missing Authentication RCE (FIXED)

Advantech iView versions prior to 5.7.03.6112 suffer from an instance of "CWE-306: Missing Authentication For Critical Function."

8 min National / Industry / Cloud Exposure Report (NICER)

NICER Protocol Deep Dive: Internet Exposure of HTTP and HTTPS

Read on to learn more about the internet exposure of HTTP and HTTPS from our 2020 NICER Report.

5 min National / Industry / Cloud Exposure Report (NICER)

NICER Protocol Deep Dive: Internet Exposure of NTP

In the latest installment of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of NTP.

5 min National / Industry / Cloud Exposure Report (NICER)

NICER Protocol Deep Dive: Internet Exposure of DNS-over-TLS

In this edition of our NICER Protocol Deep Dive blog series, we'll take a closer look at the internet exposure of DNS-over-TLS.

6 min National / Industry / Cloud Exposure Report (NICER)

NICER Protocol Deep Dive: Internet Exposure of DNS

In this edition of our NICER Protocol Deep Dive blog series, we discuss the internet exposure of DNS.

3 min IoT

HaXmas Hardware Hacking

This HaXmas, I decided to dig around a little in Rapid7's library of IoT investigations that never really went anywhere, just to see which tools were used.

2 min National / Industry / Cloud Exposure Report (NICER)

NICER Protocol Deep Dive: Internet Exposure of etcd

In the latest edition of our NICER Protocol Deep Dive blog series, we break down the internet exposure of etcd.

4 min National / Industry / Cloud Exposure Report (NICER)

NICER Protocol Deep Dive: Internet Exposure of memcached

In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of memcached.