The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

How Modern SOCs are Fighting against Alert Fatigue

How Modern SOCs are Fighting against Alert Fatigue

Read post
Metasploit Weekly Wrap-Up: Mar. 4, 2022

Vulnerabilities and Exploits

Metasploit Weekly Wrap-Up: Mar. 4, 2022

Shelby Pace's avatar

Shelby Pace

Graph Analysis of the Conti Ransomware Group Internal Chats

Detection and Response

Graph Analysis of the Conti Ransomware Group Internal Chats

Rapid7's avatar

Rapid7

Russia-Ukraine Cybersecurity Updates

Threat Research

Russia-Ukraine Cybersecurity Updates

Rapid7's avatar

Rapid7

The Top 5 Russian Cyber Threat Actors to Watch

Threat Research

The Top 5 Russian Cyber Threat Actors to Watch

Rapid7's avatar

Rapid7

CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)

Threat Research

CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)

Jake Baines's avatar

Jake Baines

InsightAppSec GitHub Integration Keeps Risky Code From Reaching Production

Products and Tools

InsightAppSec GitHub Integration Keeps Risky Code From Reaching Production

Nate Crampton's avatar

Nate Crampton

Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict

Threat Research

Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict

Rapid7's avatar

Rapid7

Metasploit Weekly Wrap-Up: 2/25/22

Exposure Management

Metasploit Weekly Wrap-Up: 2/25/22

Spencer McIntyre's avatar

Spencer McIntyre

Russia/Ukraine Conflict: What Is Rapid7 Doing to Protect My Organization?

Vulnerabilities and Exploits

Russia/Ukraine Conflict: What Is Rapid7 Doing to Protect My Organization?

Rapid7's avatar

Rapid7

Staying Secure in a Global Cyber Conflict

Vulnerabilities and Exploits

Staying Secure in a Global Cyber Conflict

Rapid7's avatar

Rapid7

Demystifying XDR: How Curated Detections Filter Out the Noise

Products and Tools

Demystifying XDR: How Curated Detections Filter Out the Noise

Jesse Mack's avatar

Jesse Mack

For Health Insurance Companies, Web Apps Can Be an Open Wound

Threat Research

For Health Insurance Companies, Web Apps Can Be an Open Wound

Paul Prudhomme's avatar

Paul Prudhomme

This CISO Isn’t Real, But His Problems Sure Are

Security Operations

This CISO Isn’t Real, But His Problems Sure Are

Amy Hunt's avatar

Amy Hunt

Metasploit Weekly Wrap-Up: 2/18/22

Exposure Management

Metasploit Weekly Wrap-Up: 2/18/22

Erin Bleiweiss's avatar

Erin Bleiweiss

What's New in InsightVM and Nexpose: Q4 2021 in Review

Products and Tools

What's New in InsightVM and Nexpose: Q4 2021 in Review

Bei Wang's avatar

Bei Wang

Log4Shell 2 Months Later: Security Strategies for the Internet's New Normal

Exposure Management

Log4Shell 2 Months Later: Security Strategies for the Internet's New Normal

Jesse Mack's avatar

Jesse Mack

Cloud Security and Compliance: The Ultimate Frenemies of Financial Services

Products and Tools

Cloud Security and Compliance: The Ultimate Frenemies of Financial Services

Ben Austin's avatar

Ben Austin

The Future of Finserv Security: Cloud Expert and Former CISO Anthony Johnson Weighs In

Industry Trends

The Future of Finserv Security: Cloud Expert and Former CISO Anthony Johnson Weighs In

Rapid7's avatar

Rapid7

Prudent Cybersecurity Preparation for the Potential Russia-Ukraine Conflict

Industry Trends

Prudent Cybersecurity Preparation for the Potential Russia-Ukraine Conflict

boB Rudis's avatar

boB Rudis

How InsightAppSec Detects Log4Shell: Your Questions Answered

Products and Tools

How InsightAppSec Detects Log4Shell: Your Questions Answered

Alex Hanlon's avatar

Alex Hanlon

Dropping Files on a Domain Controller Using CVE-2021-43893

Exposure Management

Dropping Files on a Domain Controller Using CVE-2021-43893

Jake Baines's avatar

Jake Baines