The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Rapid7's Q3 2025 Threat Landscape Report

Rapid7's Q3 2025 Threat Landscape Report

Read post
The End of Legacy SIEM as we Know it

The End of Legacy SIEM as we Know it

Read post
A New Meeting Invite, or a New Attack Vector?

A New Meeting Invite, or a New Attack Vector?

Read post
Recog Release v3.0.3

Threat Research

Recog Release v3.0.3

Matthew Kienow's avatar

Matthew Kienow

Increasing The Sting of HIVE Ransomware

Detection and Response

Increasing The Sting of HIVE Ransomware

Eoin Miller's avatar

Eoin Miller

Ditch The Duct Tape: Reduce Security Sprawl With XDR

Products and Tools

Ditch The Duct Tape: Reduce Security Sprawl With XDR

Amy Hunt's avatar

Amy Hunt

Patch Tuesday - January 2023

Detection and Response

Patch Tuesday - January 2023

Adam Barnett's avatar

Adam Barnett

Year in Review: Rapid7 Vulnerability Management

Exposure Management

Year in Review: Rapid7 Vulnerability Management

Roshnee Mistry Shah's avatar

Roshnee Mistry Shah

Metasploit Weekly Wrap-Up: Jan. 1, 2023

Products and Tools

Metasploit Weekly Wrap-Up: Jan. 1, 2023

Brendan Watters's avatar

Brendan Watters

Year in Review: Rapid7 Cybersecurity Research

Threat Research

Year in Review: Rapid7 Cybersecurity Research

Tom Caiazza's avatar

Tom Caiazza

Rapid7 Announces Global Days Off to Support Employees in 2023

Rapid7 Blog

Rapid7 Announces Global Days Off to Support Employees in 2023

Christina Luconi's avatar

Christina Luconi

2022 Annual Metasploit Wrap-Up

Exposure Management

2022 Annual Metasploit Wrap-Up

Spencer McIntyre's avatar

Spencer McIntyre

Understanding the Ecosystem of Smart Cities for the Purpose of Security Testing

Industry Trends

Understanding the Ecosystem of Smart Cities for the Purpose of Security Testing

Deral Heiland's avatar

Deral Heiland

Refreshing Rapid7's Coordinated Vulnerability Disclosure Policy

Vulnerabilities and Exploits

Refreshing Rapid7's Coordinated Vulnerability Disclosure Policy

Tod Beardsley's avatar

Tod Beardsley

The 2022 Naughty and Nice List

Industry Trends

The 2022 Naughty and Nice List

Tom Caiazza's avatar

Tom Caiazza

Hallmark Channel: Securing the Season

Cloud and Devops Security

Hallmark Channel: Securing the Season

Aaron Wells's avatar

Aaron Wells

Cloud Security and Compliance Best Practices: Highlights From The CSA Cloud Controls Matrix

Products and Tools

Cloud Security and Compliance Best Practices: Highlights From The CSA Cloud Controls Matrix

Rapid7's avatar

Rapid7

CVE-2022-41080, CVE-2022-41082: Rapid7 Observed Exploitation of `OWASSRF` in Exchange for RCE

Vulnerabilities and Exploits

CVE-2022-41080, CVE-2022-41082: Rapid7 Observed Exploitation of `OWASSRF` in Exchange for RCE

Glenn Thorpe's avatar

Glenn Thorpe

Cengage LTI Session Management Leakage

Vulnerabilities and Exploits

Cengage LTI Session Management Leakage

Tod Beardsley's avatar

Tod Beardsley

ICYMI: 10 Cybersecurity Acronyms You Should Know in 2023

Industry Trends

ICYMI: 10 Cybersecurity Acronyms You Should Know in 2023

Drew Burton's avatar

Drew Burton

[The Lost Bots] S02E06: Play “Experts or Scuttlebutt?” With Us

Industry Trends

[The Lost Bots] S02E06: Play “Experts or Scuttlebutt?” With Us

Rapid7's avatar

Rapid7

Metasploit Weekly Wrap-Up: 12/16/22

Exposure Management

Metasploit Weekly Wrap-Up: 12/16/22

Brendan Watters's avatar

Brendan Watters

Spoiler Alert: Your Favorite Content Might Not Be Secure

Cloud and Devops Security

Spoiler Alert: Your Favorite Content Might Not Be Secure

Aaron Wells's avatar

Aaron Wells

Cloud Audit: Compliance + Automation

Products and Tools

Cloud Audit: Compliance + Automation

Aaron Wells's avatar

Aaron Wells