The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Metasploit Weekly Wrap-Up: Sep. 8, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 8, 2023

Christopher Granleese's avatar

Christopher Granleese

A Look at Our Development Process of the Cloud Resource Enrichment API

Cloud and Devops Security

A Look at Our Development Process of the Cloud Resource Enrichment API

Gil Shamgar's avatar

Gil Shamgar

CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)

Vulnerabilities and Exploits

CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)

Ron Bowes's avatar

Ron Bowes

Metasploit Weekly Wrap-Up: Sep. 1, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 1, 2023

Brendan Watters's avatar

Brendan Watters

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Threat Research

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Natalie Zargarov's avatar

Natalie Zargarov

Exploitation of Juniper Networks SRX Series and EX Series Devices

Exposure Management

Exploitation of Juniper Networks SRX Series and EX Series Devices

Ron Bowes's avatar

Ron Bowes

PenTales: What It’s Like on the Red Team

Exposure Management

PenTales: What It’s Like on the Red Team

Aaron Herndon's avatar

Aaron Herndon

Velociraptor 0.7.0 Release: Dig Deeper With Enhanced Client Search, Server Improvements and Expanded VQL Library

Products and Tools

Velociraptor 0.7.0 Release: Dig Deeper With Enhanced Client Search, Server Improvements and Expanded VQL Library

Dr. Mike Cohen's avatar

Dr. Mike Cohen

Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs

Detection and Response

Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs

Rapid7's avatar

Rapid7

Metasploit Weekly Wrap-Up: Aug. 25, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Aug. 25, 2023

Brendan Watters's avatar

Brendan Watters

Why Your AWS Cloud Container Needs Client-Side Security

Products and Tools

Why Your AWS Cloud Container Needs Client-Side Security

Rapid7's avatar

Rapid7

Three Security Vendor Consolidation Myths Debunked

Security Operations

Three Security Vendor Consolidation Myths Debunked

Rapid7's avatar

Rapid7

Ransomware-as-a-Service Cheat Sheet

Detection and Response

Ransomware-as-a-Service Cheat Sheet

Rapid7's avatar

Rapid7

Rapid7 Takes 2023 SC Awards for Vulnerability Management and Threat Detection

Rapid7 Blog

Rapid7 Takes 2023 SC Awards for Vulnerability Management and Threat Detection

Rapid7's avatar

Rapid7

Metasploit Weekly Wrap-Up: Aug. 18, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Aug. 18, 2023

Spencer McIntyre's avatar

Spencer McIntyre

Join us for VeloCON 2023: Digging Deeper Together!

Detection and Response

Join us for VeloCON 2023: Digging Deeper Together!

Carlos Canto's avatar

Carlos Canto

Rapid7’s Mid-Year Threat Review

Rapid7 Blog

Rapid7’s Mid-Year Threat Review

Tom Caiazza's avatar

Tom Caiazza

What's New in CVSS v4

Exposure Management

What's New in CVSS v4

Devin Krugly's avatar

Devin Krugly

Metasploit Weekly Wrap-Up: Aug. 11, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Aug. 11, 2023

Christopher Granleese's avatar

Christopher Granleese

Patch Tuesday - August 2023

Detection and Response

Patch Tuesday - August 2023

Adam Barnett's avatar

Adam Barnett

A Message from Rapid7 CEO, Corey Thomas

Rapid7 Blog

A Message from Rapid7 CEO, Corey Thomas

Corey Thomas's avatar

Corey Thomas