The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The End of Legacy SIEM as we Know it

The End of Legacy SIEM as we Know it

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Metasploit Weekly Wrap-Up: Sep. 29, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 29, 2023

Alan David Foster's avatar

Alan David Foster

Critical Vulnerabilities in WS_FTP Server

Threat Research

Critical Vulnerabilities in WS_FTP Server

Caitlin Condon's avatar

Caitlin Condon

Unlock Broader Detections and Forensics with Velociraptor in Rapid7 XDR

Detection and Response

Unlock Broader Detections and Forensics with Velociraptor in Rapid7 XDR

Shanna Battaglia's avatar

Shanna Battaglia

Introducing Active Risk

Exposure Management

Introducing Active Risk

Rapid7's avatar

Rapid7

Metasploit Weekly Wrap-Up: Sep. 22, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 22, 2023

Spencer McIntyre's avatar

Spencer McIntyre

Rapid7 2023 MITRE Engenuity ATT&CK® Evaluations

Security Operations

Rapid7 2023 MITRE Engenuity ATT&CK® Evaluations

Meaghan Buchanan's avatar

Meaghan Buchanan

Rapid7 doubles down on a platform approach for Vulnerability Risk Management

Exposure Management

Rapid7 doubles down on a platform approach for Vulnerability Risk Management

Roshnee Mistry Shah's avatar

Roshnee Mistry Shah

Metasploit Weekly Wrap-Up: Sep. 15, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 15, 2023

Spencer McIntyre's avatar

Spencer McIntyre

Patch Tuesday - September 2023

Exposure Management

Patch Tuesday - September 2023

Adam Barnett's avatar

Adam Barnett

Metasploit Weekly Wrap-Up: Sep. 8, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 8, 2023

Christopher Granleese's avatar

Christopher Granleese

A Look at Our Development Process of the Cloud Resource Enrichment API

Cloud and Devops Security

A Look at Our Development Process of the Cloud Resource Enrichment API

Gil Shamgar's avatar

Gil Shamgar

CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)

Vulnerabilities and Exploits

CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)

Ron Bowes's avatar

Ron Bowes

Metasploit Weekly Wrap-Up: Sep. 1, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 1, 2023

Brendan Watters's avatar

Brendan Watters

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Threat Research

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Natalie Zargarov's avatar

Natalie Zargarov

Exploitation of Juniper Networks SRX Series and EX Series Devices

Exposure Management

Exploitation of Juniper Networks SRX Series and EX Series Devices

Ron Bowes's avatar

Ron Bowes

PenTales: What It’s Like on the Red Team

Exposure Management

PenTales: What It’s Like on the Red Team

Aaron Herndon's avatar

Aaron Herndon

Velociraptor 0.7.0 Release: Dig Deeper With Enhanced Client Search, Server Improvements and Expanded VQL Library

Products and Tools

Velociraptor 0.7.0 Release: Dig Deeper With Enhanced Client Search, Server Improvements and Expanded VQL Library

Dr. Mike Cohen's avatar

Dr. Mike Cohen

Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs

Detection and Response

Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs

Rapid7's avatar

Rapid7

Metasploit Weekly Wrap-Up: Aug. 25, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Aug. 25, 2023

Brendan Watters's avatar

Brendan Watters

Why Your AWS Cloud Container Needs Client-Side Security

Products and Tools

Why Your AWS Cloud Container Needs Client-Side Security

Rapid7's avatar

Rapid7

Three Security Vendor Consolidation Myths Debunked

Security Operations

Three Security Vendor Consolidation Myths Debunked

Rapid7's avatar

Rapid7