The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

How Modern SOCs are Fighting against Alert Fatigue

How Modern SOCs are Fighting against Alert Fatigue

Read post
Rapid7 Quarterly Threat Report: 2018 Q1

Detection and Response

Rapid7 Quarterly Threat Report: 2018 Q1

Rebekah Brown's avatar

Rebekah Brown

Metasploit Wrapup: 5/11/18

Products and Tools

Metasploit Wrapup: 5/11/18

Jacob Robles's avatar

Jacob Robles

Unifying Security Data: How to Streamline Endpoint Detection and Response

Detection and Response

Unifying Security Data: How to Streamline Endpoint Detection and Response

Christie Ott's avatar

Christie Ott

Password Tips From a Pen Tester: 3 Passwords to Eliminate

Exposure Management

Password Tips From a Pen Tester: 3 Passwords to Eliminate

Patrick Laverty's avatar

Patrick Laverty

Critical Control 16: Account Monitoring and Control

Security Operations

Critical Control 16: Account Monitoring and Control

Michael Cole's avatar

Michael Cole

Metasploit Wrapup 5/4/18

Products and Tools

Metasploit Wrapup 5/4/18

Matthew Kienow's avatar

Matthew Kienow

Hiding Metasploit Shellcode to Evade Windows Defender

Exposure Management

Hiding Metasploit Shellcode to Evade Windows Defender

Wei Chen's avatar

Wei Chen

CVE 100K: A Big, Round Number

Exposure Management

CVE 100K: A Big, Round Number

Tod Beardsley's avatar

Tod Beardsley

CVE 100K: By The Numbers

Exposure Management

CVE 100K: By The Numbers

boB Rudis's avatar

boB Rudis

CIS Critical Security Control 15 Explained: Wireless Access Control – Are You Really Managing Your WiFi?

Security Operations

CIS Critical Security Control 15 Explained: Wireless Access Control – Are You Really Managing Your WiFi?

Bob Boyles's avatar

Bob Boyles

Metasploit Wrapup 4/27/18

Products and Tools

Metasploit Wrapup 4/27/18

Brendan Watters's avatar

Brendan Watters

Drupalgeddon Vulnerability: What is it? Are You Impacted?

Threat Research

Drupalgeddon Vulnerability: What is it? Are You Impacted?

boB Rudis's avatar

boB Rudis

Rapid7 InsightVM Named Best Vulnerability Management Solution by SC Magazine

Security Operations

Rapid7 InsightVM Named Best Vulnerability Management Solution by SC Magazine

Justin Buchanan's avatar

Justin Buchanan

How to Detect Devices on Your Network Running Telnet Services

Detection and Response

How to Detect Devices on Your Network Running Telnet Services

Rapid7's avatar

Rapid7

How to Identify Attacker Reconnaissance on Your Internal Network

Security Operations

How to Identify Attacker Reconnaissance on Your Internal Network

Christie Ott's avatar

Christie Ott

CIS Critical Control 14 Explained: Controlled Access Based on the Need to Know

Security Operations

CIS Critical Control 14 Explained: Controlled Access Based on the Need to Know

Brian Carey's avatar

Brian Carey

Metasploit Wrapup 4/20/18

Products and Tools

Metasploit Wrapup 4/20/18

Aaron Soto's avatar

Aaron Soto

Should Security Teams Use CSP Nonces to Better Comply with PCI?

Rapid7 Blog

Should Security Teams Use CSP Nonces to Better Comply with PCI?

Rapid7's avatar

Rapid7

How to Remediate Vulnerabilities Across Multiple Offices

Products and Tools

How to Remediate Vulnerabilities Across Multiple Offices

Nathan Palanov's avatar

Nathan Palanov

Attacker Behavior Analytics: How SIEM Detects Unknown Threats

Detection and Response

Attacker Behavior Analytics: How SIEM Detects Unknown Threats

Eric Sun's avatar

Eric Sun

Georgia should not authorize "hack back"

Industry Trends

Georgia should not authorize "hack back"

Harley Geiger's avatar

Harley Geiger