The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
SQL Export Report using the API

Cloud and Devops Security

SQL Export Report using the API

Michael Huffman's avatar

Michael Huffman

ControlsInsight Year In Review

Rapid7 Blog

ControlsInsight Year In Review

Jane Man's avatar

Jane Man

5 Uses for Log Data That You Never Thought Of

Products and Tools

5 Uses for Log Data That You Never Thought Of

Rapid7's avatar

Rapid7

December 2013 Patch Tuesday

Detection and Response

December 2013 Patch Tuesday

Ross Barrett's avatar

Ross Barrett

Weekly Metasploit Update: New Meterpreter Extended API, Learning About HttpServer, HttpClient, and SAP

Vulnerabilities and Exploits

Weekly Metasploit Update: New Meterpreter Extended API, Learning About HttpServer, HttpClient, and SAP

Tod Beardsley's avatar

Tod Beardsley

Top 3 Reasons Small-to-Medium Businesses Fail at Security

Rapid7 Blog

Top 3 Reasons Small-to-Medium Businesses Fail at Security

williamgeller's avatar

williamgeller

#pwnSAP Tweet Chat Debrief

Exposure Management

#pwnSAP Tweet Chat Debrief

Rachel Round's avatar

Rachel Round

Weekly Metasploit Update: SAP and Silverlight

Products and Tools

Weekly Metasploit Update: SAP and Silverlight

Tod Beardsley's avatar

Tod Beardsley

Logentries Add-Ons for Heroku Environment pt. 1 – CloudAMQP

Rapid7 Blog

Logentries Add-Ons for Heroku Environment pt. 1 – CloudAMQP

Rapid7's avatar

Rapid7

Log Management 101 - Where Do Logs Come From?

Detection and Response

Log Management 101 - Where Do Logs Come From?

Rapid7's avatar

Rapid7

A Pentester's Introduction to SAP & ABAP

Threat Research

A Pentester's Introduction to SAP & ABAP

Juan Vazquez's avatar

Juan Vazquez

Weekly Metasploit Update: Patching Ruby Float Conversion DoS (CVE-2013-4164)

Products and Tools

Weekly Metasploit Update: Patching Ruby Float Conversion DoS (CVE-2013-4164)

Tod Beardsley's avatar

Tod Beardsley

Weekly Metasploit Update: BrowserExploitServer (BES), IPMI, and KiTrap0D

Vulnerabilities and Exploits

Weekly Metasploit Update: BrowserExploitServer (BES), IPMI, and KiTrap0D

Tod Beardsley's avatar

Tod Beardsley

Where Are My AWS Logs?

Products and Tools

Where Are My AWS Logs?

Rapid7's avatar

Rapid7

Exploiting the Supermicro Onboard IPMI Controller

Vulnerabilities and Exploits

Exploiting the Supermicro Onboard IPMI Controller

Juan Vazquez's avatar

Juan Vazquez

November 2013 Patch Tuesday Summary

Rapid7 Blog

November 2013 Patch Tuesday Summary

Ross Barrett's avatar

Ross Barrett

New in 5.7.16 - Search, Track, and Report on Assets by Open Ports

Rapid7 Blog

New in 5.7.16 - Search, Track, and Report on Assets by Open Ports

James Green's avatar

James Green

Tech Preview Feedback: Vulnerability Validation in Metasploit Pro 4.8

Products and Tools

Tech Preview Feedback: Vulnerability Validation in Metasploit Pro 4.8

dthree's avatar

dthree

Don't Get Blindsided: Better Visibility Into User and Asset Risks with Metasploit 4.8

Detection and Response

Don't Get Blindsided: Better Visibility Into User and Asset Risks with Metasploit 4.8

Christian Kirsch's avatar

Christian Kirsch

Network complexity: Bad for Business, Great for Job Security

Rapid7 Blog

Network complexity: Bad for Business, Great for Job Security

kevinbeaver's avatar

kevinbeaver

Learn to Pentest SAP with Metasploit As ERP Attacks Go Mainstream

Threat Research

Learn to Pentest SAP with Metasploit As ERP Attacks Go Mainstream

Christian Kirsch's avatar

Christian Kirsch