The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

XSS in JSON: Old-School Attacks for Modern Applications

Cloud and Devops Security

Julius Callahan

Is Your Kubernetes Cluster Ready for Version 1.24?

Cloud and Devops Security

Alon Berger

MDR, MEDR, SOCaaS: Which Is Right for You?

Security Operations

Aaron Wells

Cloud-Native Application Protection (CNAPP): What's Behind the Hype?

Products and Tools

Jesse Mack

Metasploit Wrap-Up: 4/29/22

Products and Tools

Shelby Pace

Widespread Exploitation of VMware Workspace ONE Access CVE-2022-22954

Exposure Management

Caitlin Condon

How to Strategically Scale Vendor Management and Supply Chain Security

Detection and Response

AJ Debole

Velociraptor Version 0.6.4: Dead Disk Forensics and Better Path Handling Let You Dig Deeper

Detection and Response

Carlos Canto

Opportunistic Exploitation of WSO2 CVE-2022-29464

Exposure Management

Jake Baines

Metasploit Weekly Wrap-Up: 4/22/22

Exposure Management

Dean Welch

Rapid7 Named a Visionary in 2022 Magic Quadrant™ for Application Security Testing Second Year in a Row

Products and Tools

Bria Grangard

2022 Cloud Misconfigurations Report: Cloud Security Breaches and Attack Trends

Threat Research

Jacob Roundy

What's New in InsightVM and Nexpose: Q1 2022 in Review

Products and Tools

Roshnee Mistry Shah

Metasploit Weekly Wrap-Up: 4/15/22

Exposure Management

Spencer McIntyre

InsightAppSec and tCell Bring New DevSecOps Improvements in Q1

Products and Tools

Nate Crampton

InsightCloudSec Supports the Recently Updated NSA/CISA Kubernetes Hardening Guide

Exposure Management

Alon Berger

CVE-2022-28810: ManageEngine ADSelfService Plus Authenticated Command Execution (Fixed)

Exposure Management

Jake Baines

Patch Tuesday - April 2022

Detection and Response

Greg Wiseman

CVE-2022-24527: Microsoft Connected Cache Local Privilege Escalation (Fixed)

Exposure Management

Jake Baines

3 Ways InsightIDR Users Are Achieving XDR Outcomes

Products and Tools

Jesse Mack

Metasploit Wrap-Up: 4/8/22

Products and Tools

Simon Janusz