The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

InsightIDR Was XDR Before XDR Was Even a Thing: An Origin Story

Detection and Response

Sam Adams

OWASP Top 10 Deep Dive: Getting a Clear View on Vulnerable and Outdated Components

Cloud and Devops Security

Amukta Nayak

Metasploit Wrap-Up: 11/5/21

Exposure Management

Spencer McIntyre

New NPM library hijacks (coa and rc)

Vulnerabilities and Exploits

Caitlin Condon

2022 Planning: The Path to Effective Cybersecurity Maturity

Security Operations

Jesse Mack

Trojan Source CVE-2021-42572: No Panic Necessary

Vulnerabilities and Exploits

boB Rudis

Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 3

Threat Research

Deral Heiland

Building Threat-Informed Defenses: Rapid7 Experts Share Their Thoughts on MITRE ATT&CK

Security Operations

Margaret Wei

InsightVM Scan Diagnostics: Troubleshooting Credential Issues for Authenticated Scanning

Products and Tools

Greg Wiseman

A Matter of Perspective: Agent-Based and Agentless Approaches to Cloud Security, Part 2

Cloud and Devops Security

Amit Bawer

Solving the Access Goldilocks Problem: RBAC for InsightAppSec Is Here

Products and Tools

Tom Caiazza

GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild

Exposure Management

Jake Baines

Metasploit Wrap-Up: Oct. 29, 2021

Exposure Management

Grant Willcox

Infostealer Malware Masquerades as Windows Application

Threat Research

Andrew Iwamaye

Hands-On IoT Hacking: Rapid7 at DefCon IoT Village, Part 2

Detection and Response

Deral Heiland

Rapid7 Announces Tampa Office Opening

Rapid7 Blog

Rapid7

NPM Library (ua-parser-js) Hijacked: What You Need to Know

Vulnerabilities and Exploits

Glenn Thorpe

Recog: Data Rules Everything Around Me

Industry Trends

Matthew Kienow

2022 Planning: Designing Effective Strategies to Manage Supply Chain Risk

Exposure Management

Jesse Mack

Metasploit Wrap-Up: 10/22/21

Exposure Management

Dean Welch

Hands-On IoT Hacking: Rapid7 at DefCon IoT Village, Part 1

Detection and Response

Deral Heiland