The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
How To Track Peak Load and Memory Usage vs Response Time on Heroku

Products and Tools

How To Track Peak Load and Memory Usage vs Response Time on Heroku

Rapid7's avatar

Rapid7

How To Receive Log Alerts Via Flashing Lights In Your Office or Home

Products and Tools

How To Receive Log Alerts Via Flashing Lights In Your Office or Home

Rapid7's avatar

Rapid7

Staying Stealthy: Passive Network Discovery with Metasploit

Products and Tools

Staying Stealthy: Passive Network Discovery with Metasploit

Christian Kirsch's avatar

Christian Kirsch

National Cyber Security Awareness Month: Keeping Mobile Devices Safe

Rapid7 Blog

National Cyber Security Awareness Month: Keeping Mobile Devices Safe

ssahay's avatar

ssahay

GestioIP Authenticated Remote Command Execution module

Industry Trends

GestioIP Authenticated Remote Command Execution module

bperry's avatar

bperry

It's the Great Pumpkin Patching Contest, Charlie Brown!

Rapid7 Blog

It's the Great Pumpkin Patching Contest, Charlie Brown!

Patrick Hellen's avatar

Patrick Hellen

Metasploit Releases CVE-2013-3893 (IE SetMouseCapture Use-After-Free)

Products and Tools

Metasploit Releases CVE-2013-3893 (IE SetMouseCapture Use-After-Free)

Wei Chen's avatar

Wei Chen

Scanning All The Things

Rapid7 Blog

Scanning All The Things

rep's avatar

rep

Welcome to Project Sonar!

Rapid7 Blog

Welcome to Project Sonar!

HD Moore's avatar

HD Moore

Weekly Update: New Exploits for MS13-069, MS13-071

Vulnerabilities and Exploits

Weekly Update: New Exploits for MS13-069, MS13-071

Tod Beardsley's avatar

Tod Beardsley

Change the Theme, Get a Shell: Remote Code Execution with MS13-071

Vulnerabilities and Exploits

Change the Theme, Get a Shell: Remote Code Execution with MS13-071

Juan Vazquez's avatar

Juan Vazquez

Understanding Security Control Grades

Rapid7 Blog

Understanding Security Control Grades

Bill Sharar's avatar

Bill Sharar

IE 0-day: exploit code is now widely available (CVE-2013-3893)

Exposure Management

IE 0-day: exploit code is now widely available (CVE-2013-3893)

Ross Barrett's avatar

Ross Barrett

How to Log Client-side JavaScript Events – Logging for the Web with le.js

Products and Tools

How to Log Client-side JavaScript Events – Logging for the Web with le.js

Rapid7's avatar

Rapid7

Kvasir: Penetration Data Management for Metasploit and Nexpose

Rapid7 Blog

Kvasir: Penetration Data Management for Metasploit and Nexpose

kgrutzma's avatar

kgrutzma

Federal Friday – 9.20.13 – The Air Gapped-Off line Edition

Industry Trends

Federal Friday – 9.20.13 – The Air Gapped-Off line Edition

John Schimelpfenig's avatar

John Schimelpfenig

Weekly Update

Products and Tools

Weekly Update

Tod Beardsley's avatar

Tod Beardsley

Site Import Procedure

Rapid7 Blog

Site Import Procedure

Chris Lee's avatar

Chris Lee

Weekly Update: MSIE, GE Proficy, and handling Metasploit merge conflicts

Products and Tools

Weekly Update: MSIE, GE Proficy, and handling Metasploit merge conflicts

Tod Beardsley's avatar

Tod Beardsley

Video Tutorial: Introduction to XML External Entity Injection

Rapid7 Blog

Video Tutorial: Introduction to XML External Entity Injection

webpwnized's avatar

webpwnized

Patch Tuesday, Sept 2013

Detection and Response

Patch Tuesday, Sept 2013

Ross Barrett's avatar

Ross Barrett