The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Rapid7's Q3 2025 Threat Landscape Report

Rapid7's Q3 2025 Threat Landscape Report

Read post
The End of Legacy SIEM as we Know it

The End of Legacy SIEM as we Know it

Read post
A New Meeting Invite, or a New Attack Vector?

A New Meeting Invite, or a New Attack Vector?

Read post
How to Implement JSON Formatting of IIS for Analytics and Troubleshooting

Products and Tools

How to Implement JSON Formatting of IIS for Analytics and Troubleshooting

Rapid7's avatar

Rapid7

For the Love of Code: Why We Use JSHint for Static Code Analysis

Products and Tools

For the Love of Code: Why We Use JSHint for Static Code Analysis

Rapid7's avatar

Rapid7

R7-2014-18: Hikvision DVR Devices - Multiple Vulnerabilities

Vulnerabilities and Exploits

R7-2014-18: Hikvision DVR Devices - Multiple Vulnerabilities

rep's avatar

rep

Why that CVSS score? HTTP TRACE vulnerability-your questions answered

Products and Tools

Why that CVSS score? HTTP TRACE vulnerability-your questions answered

Alex Hin's avatar

Alex Hin

Patch Tuesday, November 2014

Detection and Response

Patch Tuesday, November 2014

Ross Barrett's avatar

Ross Barrett

Nexpose API: SiteSaveRequest and IP Addresses vs Host Names

Products and Tools

Nexpose API: SiteSaveRequest and IP Addresses vs Host Names

Gavin Schneider's avatar

Gavin Schneider

SChannel and MS14-066, another Red Alert?

Detection and Response

SChannel and MS14-066, another Red Alert?

Josh Feinblum's avatar

Josh Feinblum

JSON Formatting of Windows Events: It's Hot!

Products and Tools

JSON Formatting of Windows Events: It's Hot!

Rapid7's avatar

Rapid7

Securing the Shadow IT: How to Enable Secure Cloud Services for Your Business

Cloud and Devops Security

Securing the Shadow IT: How to Enable Secure Cloud Services for Your Business

Christian Kirsch's avatar

Christian Kirsch

Detecting Compromised Amazon Web Services (AWS) Accounts

Detection and Response

Detecting Compromised Amazon Web Services (AWS) Accounts

Christian Kirsch's avatar

Christian Kirsch

Unlimited Logging: A New Chapter in Log Management

Products and Tools

Unlimited Logging: A New Chapter in Log Management

Rapid7's avatar

Rapid7

The Role of Logging in the Internet of Things

Products and Tools

The Role of Logging in the Internet of Things

Rapid7's avatar

Rapid7

What Is JSON? An Introductory Guide

Products and Tools

What Is JSON? An Introductory Guide

Rapid7's avatar

Rapid7

Top 3 Takeaways from "CyberSecurity Awareness Panel: Taking it to the C-Level and Beyond"

Industry Trends

Top 3 Takeaways from "CyberSecurity Awareness Panel: Taking it to the C-Level and Beyond"

Meredith Tufts's avatar

Meredith Tufts

Logging Activity in a Smart Home

Products and Tools

Logging Activity in a Smart Home

Rapid7's avatar

Rapid7

R7-2014-15: GNU Wget FTP Symlink Arbitrary Filesystem Access

Vulnerabilities and Exploits

R7-2014-15: GNU Wget FTP Symlink Arbitrary Filesystem Access

HD Moore's avatar

HD Moore

Improve your scan performance with Scan Engine pooling

Products and Tools

Improve your scan performance with Scan Engine pooling

Rebecca Carter's avatar

Rebecca Carter

Noise Canceling Security: Extract More Value From IPS/IDS, Firewalls, and Anti-Virus

Detection and Response

Noise Canceling Security: Extract More Value From IPS/IDS, Firewalls, and Anti-Virus

Matt Hathaway's avatar

Matt Hathaway

Shared Services: The Unicorn Every DevOps is Looking For

Products and Tools

Shared Services: The Unicorn Every DevOps is Looking For

Rapid7's avatar

Rapid7

R7-2014-17: NAT-PMP Implementation and Configuration Vulnerabilities

Threat Research

R7-2014-17: NAT-PMP Implementation and Configuration Vulnerabilities

Jon Hart's avatar

Jon Hart

Thank You! Five Years of Metasploit at Rapid7

Rapid7 Blog

Thank You! Five Years of Metasploit at Rapid7

Tod Beardsley's avatar

Tod Beardsley