The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

How Modern SOCs are Fighting against Alert Fatigue

How Modern SOCs are Fighting against Alert Fatigue

Read post
Announcing the Metasploitable3 Community CTF

Products and Tools

Announcing the Metasploitable3 Community CTF

Caitlin Condon's avatar

Caitlin Condon

InsightAppSec Feature Highlights: On-Premise Engines, JIRA Integration, and More

Products and Tools

InsightAppSec Feature Highlights: On-Premise Engines, JIRA Integration, and More

Alfred Chung's avatar

Alfred Chung

CVE-2017-16943: Exim BDAT Use-After-Free

Rapid7 Blog

CVE-2017-16943: Exim BDAT Use-After-Free

Tod Beardsley's avatar

Tod Beardsley

InsightIDR Monitors Win, Linux & Mac Endpoints

Detection and Response

InsightIDR Monitors Win, Linux & Mac Endpoints

Eric Sun's avatar

Eric Sun

Firewall Reporting Excessive SYN Packets? Check Rate of Connections

Detection and Response

Firewall Reporting Excessive SYN Packets? Check Rate of Connections

Rapid7's avatar

Rapid7

3 Steps to Building an Effective Log Management Policy

Security Operations

3 Steps to Building an Effective Log Management Policy

Robert Reselman's avatar

Robert Reselman

INTEL-SA-00086 Security Bulletin for Intel Management Engine (ME) and Advanced Management Technology (AMT) Vulnerabilities: What You Need To Know

Exposure Management

INTEL-SA-00086 Security Bulletin for Intel Management Engine (ME) and Advanced Management Technology (AMT) Vulnerabilities: What You Need To Know

boB Rudis's avatar

boB Rudis

The Oracle (PeopleSoft/Tuxedo) JoltandBleed Vulnerabilities: What You Need To Know

Exposure Management

The Oracle (PeopleSoft/Tuxedo) JoltandBleed Vulnerabilities: What You Need To Know

boB Rudis's avatar

boB Rudis

Metasploit Wrapup: Nov. 17, 2017

Products and Tools

Metasploit Wrapup: Nov. 17, 2017

Pearce Barry's avatar

Pearce Barry

Welcome transparency on US government's process for disclosing vulnerabilities

Industry Trends

Welcome transparency on US government's process for disclosing vulnerabilities

Harley Geiger's avatar

Harley Geiger

Deploying CSP Properly

Rapid7 Blog

Deploying CSP Properly

Rapid7's avatar

Rapid7

Simplicity, Harmony, and Opportunity: Rapid7 Threat Report Q3 2017

Threat Research

Simplicity, Harmony, and Opportunity: Rapid7 Threat Report Q3 2017

Rebekah Brown's avatar

Rebekah Brown

Patch Tuesday - November 2017

Exposure Management

Patch Tuesday - November 2017

Greg Wiseman's avatar

Greg Wiseman

Takeaways from 2017 SANS State of Application Security Survey

Security Operations

Takeaways from 2017 SANS State of Application Security Survey

Alfred Chung's avatar

Alfred Chung

GDPR Preparation: November – Form & Storm

Exposure Management

GDPR Preparation: November – Form & Storm

Sam Humphries's avatar

Sam Humphries

Metasploit MinRID Option

Products and Tools

Metasploit MinRID Option

Ted Raffle's avatar

Ted Raffle

Metasploit Wrapup: Nov. 11, 2017

Products and Tools

Metasploit Wrapup: Nov. 11, 2017

Dev Mohanty's avatar

Dev Mohanty

Stopping Command Injection Attacks by Instrumenting Application Runtimes

Rapid7 Blog

Stopping Command Injection Attacks by Instrumenting Application Runtimes

Paul Callahan's avatar

Paul Callahan

How to Securely Handle a Lost or Stolen Device: A Practical Workflow

Products and Tools

How to Securely Handle a Lost or Stolen Device: A Practical Workflow

Rapid7's avatar

Rapid7

NCSAM Security Crash Diet: Wrap-up

Industry Trends

NCSAM Security Crash Diet: Wrap-up

Tod Beardsley's avatar

Tod Beardsley

Testing Developer Security with Metasploit Pro Task Chains

Security Operations

Testing Developer Security with Metasploit Pro Task Chains

Pearce Barry's avatar

Pearce Barry