The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

How Modern SOCs are Fighting against Alert Fatigue

How Modern SOCs are Fighting against Alert Fatigue

Read post
Security Impact of Easily Accessible UART on IoT Technology

Threat Research

Security Impact of Easily Accessible UART on IoT Technology

Deral Heiland's avatar

Deral Heiland

Metasploit Wrapup: 6/15/18

Products and Tools

Metasploit Wrapup: 6/15/18

Sonny Gonzalez's avatar

Sonny Gonzalez

How to Create a Secure and Portable Kali Installation

Security Operations

How to Create a Secure and Portable Kali Installation

Bo Weaver's avatar

Bo Weaver

A Common Retailer Dark Web Profile: What We Found in Our Search

Exposure Management

A Common Retailer Dark Web Profile: What We Found in Our Search

Orin Mor's avatar

Orin Mor

Phishing Attacks Duping Your Users? Here’s a Better Anti-Phishing Strategy.

Detection and Response

Phishing Attacks Duping Your Users? Here’s a Better Anti-Phishing Strategy.

Eric Sun's avatar

Eric Sun

New InsightAppSec Releases: Compliance Reports and the AppSec Toolkit

Products and Tools

New InsightAppSec Releases: Compliance Reports and the AppSec Toolkit

Mark Hamill's avatar

Mark Hamill

How to detect SMBv1 scanning and SMBv1 established connections

Detection and Response

How to detect SMBv1 scanning and SMBv1 established connections

Rapid7's avatar

Rapid7

How Security Orchestration and Automation Will Unite Infosec

Products and Tools

How Security Orchestration and Automation Will Unite Infosec

Jen Andre's avatar

Jen Andre

Patch Tuesday - June 2018

Exposure Management

Patch Tuesday - June 2018

Greg Wiseman's avatar

Greg Wiseman

Password Tips From a Pen Tester: Common Patterns Exposed

Threat Research

Password Tips From a Pen Tester: Common Patterns Exposed

Patrick Laverty's avatar

Patrick Laverty

R7-2018-15 | CVE-2018-5553: Crestron DGE-100 Console Command Injection (FIXED)

Vulnerabilities and Exploits

R7-2018-15 | CVE-2018-5553: Crestron DGE-100 Console Command Injection (FIXED)

Sam Huckins's avatar

Sam Huckins

Metasploit Wrapup 6/8/18

Products and Tools

Metasploit Wrapup 6/8/18

Adam Cammack's avatar

Adam Cammack

Announcement: End of Life for Metasploit Express Edition

Products and Tools

Announcement: End of Life for Metasploit Express Edition

Cody Pierce's avatar

Cody Pierce

Metasploit Wrapup 6/1/18

Products and Tools

Metasploit Wrapup 6/1/18

James Barnett's avatar

James Barnett

Managed Threat Detection and Response Vendors: Questions You Need to Ask

Products and Tools

Managed Threat Detection and Response Vendors: Questions You Need to Ask

Wade Woolwine's avatar

Wade Woolwine

How to Streamline Your Vulnerability Remediation Workflows with InsightVM Projects

Products and Tools

How to Streamline Your Vulnerability Remediation Workflows with InsightVM Projects

Jesika McEvoy's avatar

Jesika McEvoy

Metasploit Wrapup 5/25/18

Products and Tools

Metasploit Wrapup 5/25/18

Aaron Soto's avatar

Aaron Soto

What the Heck is Drive-By Cryptomining?

Rapid7 Blog

What the Heck is Drive-By Cryptomining?

Rapid7's avatar

Rapid7

How to Build Your Own Caller ID Spoofer: Part 1

Exposure Management

How to Build Your Own Caller ID Spoofer: Part 1

Jonathan Stines's avatar

Jonathan Stines

Metasploit Wrapup 5/18/18

Products and Tools

Metasploit Wrapup 5/18/18

Brendan Watters's avatar

Brendan Watters

Whiteboard Wednesday: The Two Components of Phishing Protection Your Security Strategy Needs

Detection and Response

Whiteboard Wednesday: The Two Components of Phishing Protection Your Security Strategy Needs

Vivian Ma's avatar

Vivian Ma