The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Featured posts

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

3617 Results

New Research: Optimizing DAST Vulnerability Triage with Deep Learning

Threat Research

New Research: Optimizing DAST Vulnerability Triage with Deep Learning

Tom Caiazza

New MITRE Engenuity ATT&CK® Evaluation: Rapid7 MDR Excels

Products and Tools

New MITRE Engenuity ATT&CK® Evaluation: Rapid7 MDR Excels

Warwick Webb

Patch Tuesday - November 2022

Detection and Response

Patch Tuesday - November 2022

Greg Wiseman

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 4

Detection and Response

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 4

Deral Heiland

Metasploit Weekly Wrap-Up: 11/4/22

Exposure Management

Metasploit Weekly Wrap-Up: 11/4/22

Brendan Watters

Rapid7’s Impact from Apache Commons Text Vulnerability (CVE-2022-42889)

Vulnerabilities and Exploits

Rapid7’s Impact from Apache Commons Text Vulnerability (CVE-2022-42889)

Rapid7

Go Inside Rapid7 MDR: Timelines and Tick Tocks

Products and Tools

Go Inside Rapid7 MDR: Timelines and Tick Tocks

Mikayla Wyman

Common questions when evolving your VM program

Exposure Management

Common questions when evolving your VM program

Rapid7

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 3

Detection and Response

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 3

Deral Heiland

CVE-2022-3786 and CVE-2022-3602: Two High-Severity Buffer Overflow Vulnerabilities in OpenSSL Fixed

Exposure Management

CVE-2022-3786 and CVE-2022-3602: Two High-Severity Buffer Overflow Vulnerabilities in OpenSSL Fixed

Rapid7

7 Rapid Questions with Toshio Honda, Sr. Security Solutions Engineer

Rapid7 Blog

7 Rapid Questions with Toshio Honda, Sr. Security Solutions Engineer

Rapid7

Metasploit Weekly Wrap-Up: Oct. 28, 2022

Exposure Management

Metasploit Weekly Wrap-Up: Oct. 28, 2022

Shelby Pace

How to Foster Talent in a Cybersecurity Skills Gap

Industry Trends

How to Foster Talent in a Cybersecurity Skills Gap

Jake Godgart

CVE-2021-39144: VMware Cloud Foundation Unauthenticated Remote Code Execution

Vulnerabilities and Exploits

CVE-2021-39144: VMware Cloud Foundation Unauthenticated Remote Code Execution

Caitlin Condon

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 2

Detection and Response

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 2

Deral Heiland

Adapting existing VM programs to regain control

Products and Tools

Adapting existing VM programs to regain control

Ryan Blanchard

Metasploit Weekly Wrap-Up: 10/21/22

Exposure Management

Metasploit Weekly Wrap-Up: 10/21/22

Spencer McIntyre

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

Threat Research

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

Tod Beardsley

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Part 1

Detection and Response

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Part 1

Deral Heiland

FLEXlm and Citrix ADM Denial of Service Vulnerability

Threat Research

FLEXlm and Citrix ADM Denial of Service Vulnerability

Ron Bowes

Emerging best practices for securing cloud-native environments

Products and Tools

Emerging best practices for securing cloud-native environments

Rapid7