The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Better Cloud Security Shouldn’t Require Bigger Budgets

Products and Tools

Better Cloud Security Shouldn’t Require Bigger Budgets

Aaron Wells's avatar

Aaron Wells

Rapid7 and HashiCorp Partner to Secure Terraform-based Cloud Infrastructure Deployments

Products and Tools

Rapid7 and HashiCorp Partner to Secure Terraform-based Cloud Infrastructure Deployments

Clint Merrill's avatar

Clint Merrill

Rapid7 Takes Home 2 Awards and a Highly Commended Recognition at the 2022 Belfast Telegraph IT Awards

Cloud and Devops Security

Rapid7 Takes Home 2 Awards and a Highly Commended Recognition at the 2022 Belfast Telegraph IT Awards

Rapid7's avatar

Rapid7

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures

Vulnerabilities and Exploits

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures

Ron Bowes's avatar

Ron Bowes

How to Develop a SOAR Workflow to Automate a Critical Daily Task

Security Operations

How to Develop a SOAR Workflow to Automate a Critical Daily Task

Ryan Fried's avatar

Ryan Fried

CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities

Threat Research

CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities

Rapid7's avatar

Rapid7

GraphQL Security: The Next Evolution in API Protection

Products and Tools

GraphQL Security: The Next Evolution in API Protection

Ray Cochrane's avatar

Ray Cochrane

Metasploit Weekly Wrap-Up: 11/11/22

Exposure Management

Metasploit Weekly Wrap-Up: 11/11/22

Alan David Foster's avatar

Alan David Foster

Rapid7’s Impact from OpenSSL Buffer Overflow Vulnerabilities (CVE-2022-3786 & CVE-2022-3602)

Vulnerabilities and Exploits

Rapid7’s Impact from OpenSSL Buffer Overflow Vulnerabilities (CVE-2022-3786 & CVE-2022-3602)

Rapid7's avatar

Rapid7

Culture Fitness

Security Operations

Culture Fitness

Jake Godgart's avatar

Jake Godgart

Cloud Security: Buyer Be Critical

Products and Tools

Cloud Security: Buyer Be Critical

Aaron Wells's avatar

Aaron Wells

New Research: Optimizing DAST Vulnerability Triage with Deep Learning

Threat Research

New Research: Optimizing DAST Vulnerability Triage with Deep Learning

Tom Caiazza's avatar

Tom Caiazza

New MITRE Engenuity ATT&CK® Evaluation: Rapid7 MDR Excels

Products and Tools

New MITRE Engenuity ATT&CK® Evaluation: Rapid7 MDR Excels

Warwick Webb's avatar

Warwick Webb

Patch Tuesday - November 2022

Detection and Response

Patch Tuesday - November 2022

Greg Wiseman's avatar

Greg Wiseman

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 4

Detection and Response

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 4

Deral Heiland's avatar

Deral Heiland

Metasploit Weekly Wrap-Up: 11/4/22

Exposure Management

Metasploit Weekly Wrap-Up: 11/4/22

Brendan Watters's avatar

Brendan Watters

Rapid7’s Impact from Apache Commons Text Vulnerability (CVE-2022-42889)

Vulnerabilities and Exploits

Rapid7’s Impact from Apache Commons Text Vulnerability (CVE-2022-42889)

Rapid7's avatar

Rapid7

Go Inside Rapid7 MDR: Timelines and Tick Tocks

Products and Tools

Go Inside Rapid7 MDR: Timelines and Tick Tocks

Mikayla Wyman's avatar

Mikayla Wyman

Common questions when evolving your VM program

Exposure Management

Common questions when evolving your VM program

Rapid7's avatar

Rapid7

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 3

Detection and Response

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 3

Deral Heiland's avatar

Deral Heiland

CVE-2022-3786 and CVE-2022-3602: Two High-Severity Buffer Overflow Vulnerabilities in OpenSSL Fixed

Exposure Management

CVE-2022-3786 and CVE-2022-3602: Two High-Severity Buffer Overflow Vulnerabilities in OpenSSL Fixed

Rapid7's avatar

Rapid7