The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Metasploit's 12 Days of HaXmas

Exposure Management

Metasploit's 12 Days of HaXmas

Tod Beardsley's avatar

Tod Beardsley

12 Days of HaXmas: Diving Into Git for Current and Future Metasploit Devs

Exposure Management

12 Days of HaXmas: Diving Into Git for Current and Future Metasploit Devs

Tod Beardsley's avatar

Tod Beardsley

12 Days of HaXmas: Exploiting (and Fixing) RJS Rails Info Leaks

Exposure Management

12 Days of HaXmas: Exploiting (and Fixing) RJS Rails Info Leaks

joev's avatar

joev

12 Days of HaXmas: Impress Your Family With Elite Metasploit Wizardry

Products and Tools

12 Days of HaXmas: Impress Your Family With Elite Metasploit Wizardry

Wei Chen's avatar

Wei Chen

12 Days of HaXmas: Meterpreter, Reloaded

Exposure Management

12 Days of HaXmas: Meterpreter, Reloaded

Tod Beardsley's avatar

Tod Beardsley

UI Vulnerability Exception Query

Rapid7 Blog

UI Vulnerability Exception Query

Erik Castellanos's avatar

Erik Castellanos

Bypassing Adobe Reader Sandbox with Methods Used In The Wild

Vulnerabilities and Exploits

Bypassing Adobe Reader Sandbox with Methods Used In The Wild

Juan Vazquez's avatar

Juan Vazquez

Metasploit Weekly Update: Adobe Reader Exploit and Post-Exploitation YouTube Broadcasting

Vulnerabilities and Exploits

Metasploit Weekly Update: Adobe Reader Exploit and Post-Exploitation YouTube Broadcasting

Tod Beardsley's avatar

Tod Beardsley

How to Configure Rsyslog with Any Log File; Agents Bad...No Agents Good...

Products and Tools

How to Configure Rsyslog with Any Log File; Agents Bad...No Agents Good...

Rapid7's avatar

Rapid7

SQL Export Report using the API

Cloud and Devops Security

SQL Export Report using the API

Michael Huffman's avatar

Michael Huffman

ControlsInsight Year In Review

Products and Tools

ControlsInsight Year In Review

Jane Man's avatar

Jane Man

5 Uses for Log Data That You Never Thought Of

Products and Tools

5 Uses for Log Data That You Never Thought Of

Rapid7's avatar

Rapid7

December 2013 Patch Tuesday

Detection and Response

December 2013 Patch Tuesday

Ross Barrett's avatar

Ross Barrett

Weekly Metasploit Update: New Meterpreter Extended API, Learning About HttpServer, HttpClient, and SAP

Vulnerabilities and Exploits

Weekly Metasploit Update: New Meterpreter Extended API, Learning About HttpServer, HttpClient, and SAP

Tod Beardsley's avatar

Tod Beardsley

Top 3 Reasons Small-to-Medium Businesses Fail at Security

Rapid7 Blog

Top 3 Reasons Small-to-Medium Businesses Fail at Security

williamgeller's avatar

williamgeller

#pwnSAP Tweet Chat Debrief

Exposure Management

#pwnSAP Tweet Chat Debrief

Rachel Round's avatar

Rachel Round

Weekly Metasploit Update: SAP and Silverlight

Products and Tools

Weekly Metasploit Update: SAP and Silverlight

Tod Beardsley's avatar

Tod Beardsley

Logentries Add-Ons for Heroku Environment pt. 1 – CloudAMQP

Rapid7 Blog

Logentries Add-Ons for Heroku Environment pt. 1 – CloudAMQP

Rapid7's avatar

Rapid7

Log Management 101 - Where Do Logs Come From?

Detection and Response

Log Management 101 - Where Do Logs Come From?

Rapid7's avatar

Rapid7

A Pentester's Introduction to SAP & ABAP

Threat Research

A Pentester's Introduction to SAP & ABAP

Juan Vazquez's avatar

Juan Vazquez

Weekly Metasploit Update: Patching Ruby Float Conversion DoS (CVE-2013-4164)

Products and Tools

Weekly Metasploit Update: Patching Ruby Float Conversion DoS (CVE-2013-4164)

Tod Beardsley's avatar

Tod Beardsley