The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Featured posts

Introducing Rapid7 MDR for Microsoft

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

How Modern SOCs are Fighting against Alert Fatigue

Introducing Rapid7 MDR for Microsoft

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

How Modern SOCs are Fighting against Alert Fatigue

3684 Results

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

Threat Research

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

Tod Beardsley

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Part 1

Detection and Response

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Part 1

Deral Heiland

FLEXlm and Citrix ADM Denial of Service Vulnerability

Threat Research

FLEXlm and Citrix ADM Denial of Service Vulnerability

Ron Bowes

Emerging best practices for securing cloud-native environments

Products and Tools

Emerging best practices for securing cloud-native environments

Rapid7

CVE-2022-42889: Keep Calm and Stop Saying "Text4Shell"

Exposure Management

CVE-2022-42889: Keep Calm and Stop Saying "Text4Shell"

Erick Galinkin

Addressing the Evolving Attack Surface Part 1: Modern Challenges

Detection and Response

Addressing the Evolving Attack Surface Part 1: Modern Challenges

Bria Grangard

Metasploit Wrap-Up: 10/14/22

Exposure Management

Metasploit Wrap-Up: 10/14/22

Christophe De La Fuente

Cloud IAM Done Right: How LPA Helps Significantly Reduce Cloud Risk

Security Operations

Cloud IAM Done Right: How LPA Helps Significantly Reduce Cloud Risk

Ryan Blanchard

A SIEM With a Pen Tester's Eye: How Offensive Security Helps Shape InsightIDR

Exposure Management

A SIEM With a Pen Tester's Eye: How Offensive Security Helps Shape InsightIDR

Rapid7

The Intelligent Listing: Cybersecurity Job Descriptions That Deliver

Security Operations

The Intelligent Listing: Cybersecurity Job Descriptions That Deliver

Jake Godgart

Rapid7 Recognized in the 2022 Gartner® Magic Quadrant™ for SIEM

Detection and Response

Rapid7 Recognized in the 2022 Gartner® Magic Quadrant™ for SIEM

Meaghan Buchanan

Real-Time Risk Mitigation in Google Cloud Platform

Products and Tools

Real-Time Risk Mitigation in Google Cloud Platform

Ben Austin

Patch Tuesday - October 2022

Detection and Response

Patch Tuesday - October 2022

Greg Wiseman

Metasploit Weekly Wrap-Up: Oct. 7, 2022

Exposure Management

Metasploit Weekly Wrap-Up: Oct. 7, 2022

Grant Willcox

CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies

Vulnerabilities and Exploits

CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies

Glenn Thorpe

Exploitation of Unpatched Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite (CVE-2022-41352)

Exposure Management

Exploitation of Unpatched Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite (CVE-2022-41352)

Ron Bowes

What's New in InsightIDR: Q3 2022 in Review

Products and Tools

What's New in InsightIDR: Q3 2022 in Review

KJ McCann

Velociraptor Version 0.6.6: Multi-Tenant Mode and More Let You Dig Deeper at Scale Like Never Before

Detection and Response

Velociraptor Version 0.6.6: Multi-Tenant Mode and More Let You Dig Deeper at Scale Like Never Before

Carlos Canto

Metasploit Weekly Wrap-Up: Sep. 30, 2022

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 30, 2022

Dean Welch

CVE-2022-41040 and CVE-2022-41082: Unpatched Zero-Day Vulnerabilities in Microsoft Exchange Server

Exposure Management

CVE-2022-41040 and CVE-2022-41082: Unpatched Zero-Day Vulnerabilities in Microsoft Exchange Server

Caitlin Condon

[The Lost Bots] S02E04: Cyber's Most Dangerous Game — Threat Hunting

Industry Trends

[The Lost Bots] S02E04: Cyber's Most Dangerous Game — Threat Hunting

Rapid7