The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

How Modern SOCs are Fighting against Alert Fatigue

How Modern SOCs are Fighting against Alert Fatigue

Read post
Cisco Smart Install (SMI) Remote Code Execution

Exposure Management

Cisco Smart Install (SMI) Remote Code Execution

boB Rudis's avatar

boB Rudis

How to detect weak SSL/TLS encryption on your network

Detection and Response

How to detect weak SSL/TLS encryption on your network

Rapid7's avatar

Rapid7

3 Ways to Accelerate Web App Security Testing

Products and Tools

3 Ways to Accelerate Web App Security Testing

Alfred Chung's avatar

Alfred Chung

CIS Critical Control 11: Secure Configurations for Network Devices

Security Operations

CIS Critical Control 11: Secure Configurations for Network Devices

Jason Beatty's avatar

Jason Beatty

Metasploit Wrapup 3/23/18

Products and Tools

Metasploit Wrapup 3/23/18

Brendan Watters's avatar

Brendan Watters

How to detect new server ports in use on your network

Detection and Response

How to detect new server ports in use on your network

Rapid7's avatar

Rapid7

GDPR Preparation March and April: Course Correct

Detection and Response

GDPR Preparation March and April: Course Correct

Sam Humphries's avatar

Sam Humphries

Rapid7 Threat Report: Q4 2017 Q4 Threat Report and 2017 Wrap-up

Industry Trends

Rapid7 Threat Report: Q4 2017 Q4 Threat Report and 2017 Wrap-up

Rebekah Brown's avatar

Rebekah Brown

Metasploit Wrapup 3/16/18

Products and Tools

Metasploit Wrapup 3/16/18

Aaron Soto's avatar

Aaron Soto

Stateful WAF AKA the Bronze Age

Rapid7 Blog

Stateful WAF AKA the Bronze Age

Rapid7's avatar

Rapid7

Rapid7 Named a Leader in Forrester Wave for Vulnerability Risk Management

Security Operations

Rapid7 Named a Leader in Forrester Wave for Vulnerability Risk Management

James Green's avatar

James Green

R7-2018-01 (CVE-2018-5551, CVE-2018-5552): DocuTrac Office Therapy Installer Hard-Coded Credentials and Cryptographic Salt

Vulnerabilities and Exploits

R7-2018-01 (CVE-2018-5551, CVE-2018-5552): DocuTrac Office Therapy Installer Hard-Coded Credentials and Cryptographic Salt

Tod Beardsley's avatar

Tod Beardsley

Patch Tuesday - March 2018

Exposure Management

Patch Tuesday - March 2018

Greg Wiseman's avatar

Greg Wiseman

CIS Critical Control 10: Data Recovery Capability

Security Operations

CIS Critical Control 10: Data Recovery Capability

Anna Nielsen's avatar

Anna Nielsen

Metasploit Wrapup 3/9/18

Products and Tools

Metasploit Wrapup 3/9/18

Pearce Barry's avatar

Pearce Barry

CIS Critical Control 9: Limitation and Control of Ports, Protocols, and Services

Exposure Management

CIS Critical Control 9: Limitation and Control of Ports, Protocols, and Services

Cindy Jones's avatar

Cindy Jones

Guest Post: Lurking in /lib

Industry Trends

Guest Post: Lurking in /lib

RageLtMan's avatar

RageLtMan

How to Scan Your Own Application with the InsightAppSec Free Trial

Products and Tools

How to Scan Your Own Application with the InsightAppSec Free Trial

Alfred Chung's avatar

Alfred Chung

Metasploit Wrapup 2/23/18

Products and Tools

Metasploit Wrapup 2/23/18

Jacob Robles's avatar

Jacob Robles

Making the Dream Work: Teaming with Dev for Safer Production Apps

Products and Tools

Making the Dream Work: Teaming with Dev for Safer Production Apps

Alfred Chung's avatar

Alfred Chung

Metasploit Wrapup 2/16/18

Products and Tools

Metasploit Wrapup 2/16/18

Pearce Barry's avatar

Pearce Barry