Rapid7

The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Are You in the 2.5% Who Meet This Cybersecurity Job Requirement?

Security Operations

Are You in the 2.5% Who Meet This Cybersecurity Job Requirement?

Amy Hunt's avatar

Amy Hunt

CVE-2022-22972: Critical Authentication Bypass in VMware Workspace ONE Access, Identity Manager, and vRealize Automation

Exposure Management

CVE-2022-22972: Critical Authentication Bypass in VMware Workspace ONE Access, Identity Manager, and vRealize Automation

Jake Baines's avatar

Jake Baines

Find, Fix, and Report ​OWASP Top 10 Vulnerabilities in InsightAppSec

Products and Tools

Find, Fix, and Report ​OWASP Top 10 Vulnerabilities in InsightAppSec

Adrian Stewart's avatar

Adrian Stewart

Maximize Your VM Investment: Fix Vulnerabilities Faster With Automox + Rapid7

Industry Trends

Maximize Your VM Investment: Fix Vulnerabilities Faster With Automox + Rapid7

Nicholas Colyer's avatar

Nicholas Colyer

Metasploit Weekly Wrap-Up: 5/13/22

Exposure Management

Metasploit Weekly Wrap-Up: 5/13/22

Erin Bleiweiss's avatar

Erin Bleiweiss

Update for CIS Google Cloud Platform Foundation Benchmarks - Version 1.3.0

Products and Tools

Update for CIS Google Cloud Platform Foundation Benchmarks - Version 1.3.0

Ryan Blanchard's avatar

Ryan Blanchard

Rapid7 Analysis: CVE-2022-30525

Threat Research

Rapid7 Analysis: CVE-2022-30525

Rapid7 Labs's avatar

Rapid7 Labs

CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection

Vulnerabilities and Exploits

CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection

Jake Baines's avatar

Jake Baines

Rapid7 Analysis: CVE-2022-1388

Threat Research

Rapid7 Analysis: CVE-2022-1388

Rapid7 Labs's avatar

Rapid7 Labs

Patch Tuesday - May 2022

Detection and Response

Patch Tuesday - May 2022

Greg Wiseman's avatar

Greg Wiseman

What's Changed for Cybersecurity in Banking and Finance: New Study

Exposure Management

What's Changed for Cybersecurity in Banking and Finance: New Study

Jesse Mack's avatar

Jesse Mack

Active Exploitation of F5 BIG-IP iControl REST CVE-2022-1388

Exposure Management

Active Exploitation of F5 BIG-IP iControl REST CVE-2022-1388

Ron Bowes's avatar

Ron Bowes

[Infographic] Cloud Misconfigurations: Don't Become a Breach Statistic

Threat Research

[Infographic] Cloud Misconfigurations: Don't Become a Breach Statistic

Rapid7's avatar

Rapid7

Metasploit Wrap-Up: May 6, 2022

Exposure Management

Metasploit Wrap-Up: May 6, 2022

Alan David Foster's avatar

Alan David Foster

Rapid7’s first comic: XDR vs. Exploito

Detection and Response

Rapid7’s first comic: XDR vs. Exploito

Amy Hunt's avatar

Amy Hunt

Rapid7 Analysis: CVE-2022-29799 "Nimbuspwn"

Threat Research

Rapid7 Analysis: CVE-2022-29799 "Nimbuspwn"

Rapid7 Labs's avatar

Rapid7 Labs

XSS in JSON: Old-School Attacks for Modern Applications

Cloud and Devops Security

XSS in JSON: Old-School Attacks for Modern Applications

Julius Callahan's avatar

Julius Callahan

Is Your Kubernetes Cluster Ready for Version 1.24?

Cloud and Devops Security

Is Your Kubernetes Cluster Ready for Version 1.24?

Alon Berger's avatar

Alon Berger

MDR, MEDR, SOCaaS: Which Is Right for You?

Security Operations

MDR, MEDR, SOCaaS: Which Is Right for You?

Aaron Wells's avatar

Aaron Wells

Rapid7 Analysis: CVE-2022-22954

Threat Research

Rapid7 Analysis: CVE-2022-22954

Rapid7 Labs's avatar

Rapid7 Labs

Cloud-Native Application Protection (CNAPP): What's Behind the Hype?

Products and Tools

Cloud-Native Application Protection (CNAPP): What's Behind the Hype?

Jesse Mack's avatar

Jesse Mack