The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Featured posts

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

3626 Results

How to Foster Talent in a Cybersecurity Skills Gap

Industry Trends

How to Foster Talent in a Cybersecurity Skills Gap

Jake Godgart

CVE-2021-39144: VMware Cloud Foundation Unauthenticated Remote Code Execution

Vulnerabilities and Exploits

CVE-2021-39144: VMware Cloud Foundation Unauthenticated Remote Code Execution

Caitlin Condon

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 2

Detection and Response

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 2

Deral Heiland

Adapting existing VM programs to regain control

Products and Tools

Adapting existing VM programs to regain control

Ryan Blanchard

Metasploit Weekly Wrap-Up: 10/21/22

Exposure Management

Metasploit Weekly Wrap-Up: 10/21/22

Spencer McIntyre

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

Threat Research

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

Tod Beardsley

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Part 1

Detection and Response

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Part 1

Deral Heiland

FLEXlm and Citrix ADM Denial of Service Vulnerability

Threat Research

FLEXlm and Citrix ADM Denial of Service Vulnerability

Ron Bowes

Emerging best practices for securing cloud-native environments

Products and Tools

Emerging best practices for securing cloud-native environments

Rapid7

CVE-2022-42889: Keep Calm and Stop Saying "Text4Shell"

Exposure Management

CVE-2022-42889: Keep Calm and Stop Saying "Text4Shell"

Erick Galinkin

Addressing the Evolving Attack Surface Part 1: Modern Challenges

Detection and Response

Addressing the Evolving Attack Surface Part 1: Modern Challenges

Bria Grangard

Metasploit Wrap-Up: 10/14/22

Exposure Management

Metasploit Wrap-Up: 10/14/22

Christophe De La Fuente

Cloud IAM Done Right: How LPA Helps Significantly Reduce Cloud Risk

Security Operations

Cloud IAM Done Right: How LPA Helps Significantly Reduce Cloud Risk

Ryan Blanchard

A SIEM With a Pen Tester's Eye: How Offensive Security Helps Shape InsightIDR

Exposure Management

A SIEM With a Pen Tester's Eye: How Offensive Security Helps Shape InsightIDR

Rapid7

The Intelligent Listing: Cybersecurity Job Descriptions That Deliver

Security Operations

The Intelligent Listing: Cybersecurity Job Descriptions That Deliver

Jake Godgart

Rapid7 Recognized in the 2022 Gartner® Magic Quadrant™ for SIEM

Detection and Response

Rapid7 Recognized in the 2022 Gartner® Magic Quadrant™ for SIEM

Meaghan Buchanan

Real-Time Risk Mitigation in Google Cloud Platform

Products and Tools

Real-Time Risk Mitigation in Google Cloud Platform

Ben Austin

Patch Tuesday - October 2022

Detection and Response

Patch Tuesday - October 2022

Greg Wiseman

Metasploit Weekly Wrap-Up: Oct. 7, 2022

Exposure Management

Metasploit Weekly Wrap-Up: Oct. 7, 2022

Grant Willcox

CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies

Vulnerabilities and Exploits

CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies

Glenn Thorpe

Exploitation of Unpatched Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite (CVE-2022-41352)

Exposure Management

Exploitation of Unpatched Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite (CVE-2022-41352)

Ron Bowes