The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Opportunistic Exploitation of Zoho ManageEngine and Sitecore CVEs

Vulnerabilities and Exploits

Caitlin Condon

InsightIDR Was XDR Before XDR Was Even a Thing: An Origin Story

Detection and Response

Sam Adams

OWASP Top 10 Deep Dive: Getting a Clear View on Vulnerable and Outdated Components

Cloud and Devops Security

Amukta Nayak

Metasploit Wrap-Up: 11/5/21

Exposure Management

Spencer McIntyre

New NPM library hijacks (coa and rc)

Vulnerabilities and Exploits

Caitlin Condon

2022 Planning: The Path to Effective Cybersecurity Maturity

Security Operations

Jesse Mack

Trojan Source CVE-2021-42572: No Panic Necessary

Vulnerabilities and Exploits

boB Rudis

Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 3

Threat Research

Deral Heiland

Building Threat-Informed Defenses: Rapid7 Experts Share Their Thoughts on MITRE ATT&CK

Security Operations

Margaret Wei

InsightVM Scan Diagnostics: Troubleshooting Credential Issues for Authenticated Scanning

Products and Tools

Greg Wiseman

A Matter of Perspective: Agent-Based and Agentless Approaches to Cloud Security, Part 2

Cloud and Devops Security

Amit Bawer

Solving the Access Goldilocks Problem: RBAC for InsightAppSec Is Here

Products and Tools

Tom Caiazza

GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild

Exposure Management

Jake Baines

Metasploit Wrap-Up: Oct. 29, 2021

Exposure Management

Grant Willcox

Infostealer Malware Masquerades as Windows Application

Threat Research

Andrew Iwamaye

Hands-On IoT Hacking: Rapid7 at DefCon IoT Village, Part 2

Detection and Response

Deral Heiland

Rapid7 Announces Tampa Office Opening

Rapid7 Blog

Rapid7

NPM Library (ua-parser-js) Hijacked: What You Need to Know

Vulnerabilities and Exploits

Glenn Thorpe

Recog: Data Rules Everything Around Me

Industry Trends

Matthew Kienow

2022 Planning: Designing Effective Strategies to Manage Supply Chain Risk

Exposure Management

Jesse Mack

Metasploit Wrap-Up: 10/22/21

Exposure Management

Dean Welch