The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
New InsightAppSec Releases: Compliance Reports and the AppSec Toolkit

Products and Tools

New InsightAppSec Releases: Compliance Reports and the AppSec Toolkit

Mark Hamill's avatar

Mark Hamill

How to detect SMBv1 scanning and SMBv1 established connections

Detection and Response

How to detect SMBv1 scanning and SMBv1 established connections

Rapid7's avatar

Rapid7

How Security Orchestration and Automation Will Unite Infosec

Products and Tools

How Security Orchestration and Automation Will Unite Infosec

Jen Andre's avatar

Jen Andre

Patch Tuesday - June 2018

Exposure Management

Patch Tuesday - June 2018

Greg Wiseman's avatar

Greg Wiseman

Password Tips From a Pen Tester: Common Patterns Exposed

Threat Research

Password Tips From a Pen Tester: Common Patterns Exposed

Patrick Laverty's avatar

Patrick Laverty

R7-2018-15 | CVE-2018-5553: Crestron DGE-100 Console Command Injection (FIXED)

Vulnerabilities and Exploits

R7-2018-15 | CVE-2018-5553: Crestron DGE-100 Console Command Injection (FIXED)

Sam Huckins's avatar

Sam Huckins

Metasploit Wrapup 6/8/18

Products and Tools

Metasploit Wrapup 6/8/18

Adam Cammack's avatar

Adam Cammack

Announcement: End of Life for Metasploit Express Edition

Products and Tools

Announcement: End of Life for Metasploit Express Edition

Cody Pierce's avatar

Cody Pierce

Metasploit Wrapup 6/1/18

Products and Tools

Metasploit Wrapup 6/1/18

James Barnett's avatar

James Barnett

Managed Threat Detection and Response Vendors: Questions You Need to Ask

Products and Tools

Managed Threat Detection and Response Vendors: Questions You Need to Ask

Wade Woolwine's avatar

Wade Woolwine

How to Streamline Your Vulnerability Remediation Workflows with InsightVM Projects

Products and Tools

How to Streamline Your Vulnerability Remediation Workflows with InsightVM Projects

Jesika McEvoy's avatar

Jesika McEvoy

Metasploit Wrapup 5/25/18

Products and Tools

Metasploit Wrapup 5/25/18

Aaron Soto's avatar

Aaron Soto

What the Heck is Drive-By Cryptomining?

Rapid7 Blog

What the Heck is Drive-By Cryptomining?

Rapid7's avatar

Rapid7

How to Build Your Own Caller ID Spoofer: Part 1

Exposure Management

How to Build Your Own Caller ID Spoofer: Part 1

Jonathan Stines's avatar

Jonathan Stines

Metasploit Wrapup 5/18/18

Products and Tools

Metasploit Wrapup 5/18/18

Brendan Watters's avatar

Brendan Watters

Whiteboard Wednesday: The Two Components of Phishing Protection Your Security Strategy Needs

Detection and Response

Whiteboard Wednesday: The Two Components of Phishing Protection Your Security Strategy Needs

Vivian Ma's avatar

Vivian Ma

Rapid7 Quarterly Threat Report: 2018 Q1

Detection and Response

Rapid7 Quarterly Threat Report: 2018 Q1

Rebekah Brown's avatar

Rebekah Brown

Metasploit Wrapup: 5/11/18

Products and Tools

Metasploit Wrapup: 5/11/18

Jacob Robles's avatar

Jacob Robles

Unifying Security Data: How to Streamline Endpoint Detection and Response

Detection and Response

Unifying Security Data: How to Streamline Endpoint Detection and Response

Christie Ott's avatar

Christie Ott

Password Tips From a Pen Tester: 3 Passwords to Eliminate

Exposure Management

Password Tips From a Pen Tester: 3 Passwords to Eliminate

Patrick Laverty's avatar

Patrick Laverty

Critical Control 16: Account Monitoring and Control

Security Operations

Critical Control 16: Account Monitoring and Control

Michael Cole's avatar

Michael Cole