The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Deepfakes: A Nascent Cybersecurity Threat

Exposure Management

Deepfakes: A Nascent Cybersecurity Threat

Yotam Katz's avatar

Yotam Katz

InsightCloudSec Supports 12 New AWS Services Announced at re:Invent

Products and Tools

InsightCloudSec Supports 12 New AWS Services Announced at re:Invent

Chris DeRamus's avatar

Chris DeRamus

Metasploit Wrap-Up: 12/3/21

Threat Research

Metasploit Wrap-Up: 12/3/21

Spencer McIntyre's avatar

Spencer McIntyre

Hacky Holidays From Rapid7! Announcing Our New Festive Blog Series

Rapid7 Blog

Hacky Holidays From Rapid7! Announcing Our New Festive Blog Series

Jesse Mack's avatar

Jesse Mack

OWASP Top 10 Deep Dive: Identification and Authentication Failures

Cloud and Devops Security

OWASP Top 10 Deep Dive: Identification and Authentication Failures

Nathaniel Hierseman's avatar

Nathaniel Hierseman

Ongoing Exploitation of Windows Installer CVE-2021-41379

Exposure Management

Ongoing Exploitation of Windows Installer CVE-2021-41379

Glenn Thorpe's avatar

Glenn Thorpe

Active Exploitation of Apache HTTP Server CVE-2021-40438

Exposure Management

Active Exploitation of Apache HTTP Server CVE-2021-40438

Caitlin Condon's avatar

Caitlin Condon

Metasploit Wrap-Up: Nov. 26 2021

Threat Research

Metasploit Wrap-Up: Nov. 26 2021

Christophe De La Fuente's avatar

Christophe De La Fuente

OWASP Top 10 Deep Dive: Defending Against Server-Side Request Forgery

Cloud and Devops Security

OWASP Top 10 Deep Dive: Defending Against Server-Side Request Forgery

Neville O'Neill's avatar

Neville O'Neill

Is it the End of the Cybersecurity Skills Gap Crisis Yet?

Security Operations

Is it the End of the Cybersecurity Skills Gap Crisis Yet?

Amy Hunt's avatar

Amy Hunt

Metasploit Wrap-Up: 11/19/21

Threat Research

Metasploit Wrap-Up: 11/19/21

Erin Bleiweiss's avatar

Erin Bleiweiss

A First-Year CISO Shares Her Point of View

Security Operations

A First-Year CISO Shares Her Point of View

Jesse Mack's avatar

Jesse Mack

Make Room for Cloud Security in Your 2022 Budget

Products and Tools

Make Room for Cloud Security in Your 2022 Budget

Shelby Matthews's avatar

Shelby Matthews

Distribute Reports to Email Addresses in InsightVM

Exposure Management

Distribute Reports to Email Addresses in InsightVM

Dane Grace's avatar

Dane Grace

2022 Planning: Prioritizing Defense and Mitigation Through Left of Boom

Security Operations

2022 Planning: Prioritizing Defense and Mitigation Through Left of Boom

boB Rudis's avatar

boB Rudis

Announcing the 2021 Metasploit Community CTF

Products and Tools

Announcing the 2021 Metasploit Community CTF

Caitlin Condon's avatar

Caitlin Condon

Thawing Out the Chilling Effect Of DMCA Section 1201

Industry Trends

Thawing Out the Chilling Effect Of DMCA Section 1201

Harley Geiger's avatar

Harley Geiger

Better Together: XDR, SOAR, Vulnerability Management, and External Threat Intelligence

Detection and Response

Better Together: XDR, SOAR, Vulnerability Management, and External Threat Intelligence

Matthew Gardiner's avatar

Matthew Gardiner

Metasploit Wrap-Up: Nov. 12, 2021

Exposure Management

Metasploit Wrap-Up: Nov. 12, 2021

Alan David Foster's avatar

Alan David Foster

Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 4

Threat Research

Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 4

Deral Heiland's avatar

Deral Heiland

Time to Act: Bridging the Gap in Cloud Automation Adoption

Threat Research

Time to Act: Bridging the Gap in Cloud Automation Adoption

Erica Azad's avatar

Erica Azad