The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
GDPR Preparation March and April: Course Correct

Detection and Response

GDPR Preparation March and April: Course Correct

Sam Humphries's avatar

Sam Humphries

Rapid7 Threat Report: Q4 2017 Q4 Threat Report and 2017 Wrap-up

Industry Trends

Rapid7 Threat Report: Q4 2017 Q4 Threat Report and 2017 Wrap-up

Rebekah Brown's avatar

Rebekah Brown

Metasploit Wrapup 3/16/18

Products and Tools

Metasploit Wrapup 3/16/18

Aaron Soto's avatar

Aaron Soto

Stateful WAF AKA the Bronze Age

Rapid7 Blog

Stateful WAF AKA the Bronze Age

Rapid7's avatar

Rapid7

Rapid7 Named a Leader in Forrester Wave for Vulnerability Risk Management

Security Operations

Rapid7 Named a Leader in Forrester Wave for Vulnerability Risk Management

James Green's avatar

James Green

R7-2018-01 (CVE-2018-5551, CVE-2018-5552): DocuTrac Office Therapy Installer Hard-Coded Credentials and Cryptographic Salt

Vulnerabilities and Exploits

R7-2018-01 (CVE-2018-5551, CVE-2018-5552): DocuTrac Office Therapy Installer Hard-Coded Credentials and Cryptographic Salt

Tod Beardsley's avatar

Tod Beardsley

Patch Tuesday - March 2018

Exposure Management

Patch Tuesday - March 2018

Greg Wiseman's avatar

Greg Wiseman

CIS Critical Control 10: Data Recovery Capability

Security Operations

CIS Critical Control 10: Data Recovery Capability

Anna Nielsen's avatar

Anna Nielsen

Metasploit Wrapup 3/9/18

Products and Tools

Metasploit Wrapup 3/9/18

Pearce Barry's avatar

Pearce Barry

CIS Critical Control 9: Limitation and Control of Ports, Protocols, and Services

Exposure Management

CIS Critical Control 9: Limitation and Control of Ports, Protocols, and Services

Cindy Jones's avatar

Cindy Jones

Guest Post: Lurking in /lib

Industry Trends

Guest Post: Lurking in /lib

RageLtMan's avatar

RageLtMan

How to Scan Your Own Application with the InsightAppSec Free Trial

Products and Tools

How to Scan Your Own Application with the InsightAppSec Free Trial

Alfred Chung's avatar

Alfred Chung

Metasploit Wrapup 2/23/18

Products and Tools

Metasploit Wrapup 2/23/18

Jacob Robles's avatar

Jacob Robles

Making the Dream Work: Teaming with Dev for Safer Production Apps

Products and Tools

Making the Dream Work: Teaming with Dev for Safer Production Apps

Alfred Chung's avatar

Alfred Chung

Metasploit Wrapup 2/16/18

Products and Tools

Metasploit Wrapup 2/16/18

Pearce Barry's avatar

Pearce Barry

Tonight I'm gonna IR like it's 99 (days until GDPR)…

Exposure Management

Tonight I'm gonna IR like it's 99 (days until GDPR)…

Sam Humphries's avatar

Sam Humphries

Patch Tuesday - February 2018

Exposure Management

Patch Tuesday - February 2018

Greg Wiseman's avatar

Greg Wiseman

Coinhive: Making Other People’s Web Browsers Mine Cryptocurrency

Rapid7 Blog

Coinhive: Making Other People’s Web Browsers Mine Cryptocurrency

Rapid7's avatar

Rapid7

Why Managed Detection and Response Zeroes In On the Endpoint

Products and Tools

Why Managed Detection and Response Zeroes In On the Endpoint

Eric Sun's avatar

Eric Sun

HIPAA Security Compliance Fallacies (And How To Avoid Them)

Security Operations

HIPAA Security Compliance Fallacies (And How To Avoid Them)

kevinbeaver's avatar

kevinbeaver

Metasploit Wrapup 2/9/18

Products and Tools

Metasploit Wrapup 2/9/18

Sonny Gonzalez's avatar

Sonny Gonzalez