Rapid7

The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

How Modern SOCs are Fighting against Alert Fatigue

How Modern SOCs are Fighting against Alert Fatigue

Read post
Driver-Based Attacks: Past and Present

Vulnerabilities and Exploits

Driver-Based Attacks: Past and Present

Jake Baines's avatar

Jake Baines

Metasploit Wrap-Up 12/10/21

Threat Research

Metasploit Wrap-Up 12/10/21

Jeffrey Martin's avatar

Jeffrey Martin

Widespread Exploitation of Critical Remote Code Execution in Apache Log4j

Exposure Management

Widespread Exploitation of Critical Remote Code Execution in Apache Log4j

boB Rudis's avatar

boB Rudis

Stay Ahead of Threats With Cloud Workload Protection

Products and Tools

Stay Ahead of Threats With Cloud Workload Protection

Alon Berger's avatar

Alon Berger

Simplifying Complex Cybersecurity Regulations

Industry Trends

Simplifying Complex Cybersecurity Regulations

Harley Geiger's avatar

Harley Geiger

A Dream Team-Up: Integrate InsightAppSec With ServiceNow ITSM

Products and Tools

A Dream Team-Up: Integrate InsightAppSec With ServiceNow ITSM

Tom Caiazza's avatar

Tom Caiazza

Patch Now: SonicWall Fixes Multiple Vulnerabilities in SMA 100 Devices

Exposure Management

Patch Now: SonicWall Fixes Multiple Vulnerabilities in SMA 100 Devices

Glenn Thorpe's avatar

Glenn Thorpe

Demystifying XDR: A Forrester Analyst Lays the Foundation

Products and Tools

Demystifying XDR: A Forrester Analyst Lays the Foundation

Jesse Mack's avatar

Jesse Mack

Oh No, Zoho: Active Exploitation of CVE-2021-44077 Allowing Unauthenticated Remote Code Execution

Exposure Management

Oh No, Zoho: Active Exploitation of CVE-2021-44077 Allowing Unauthenticated Remote Code Execution

Glenn Thorpe's avatar

Glenn Thorpe

3 Strategies That Are More Productive Than Hack Back

Detection and Response

3 Strategies That Are More Productive Than Hack Back

boB Rudis's avatar

boB Rudis

Congrats to the Winners of the 2021 Metasploit Community CTF

Products and Tools

Congrats to the Winners of the 2021 Metasploit Community CTF

Spencer McIntyre's avatar

Spencer McIntyre

Kubernetes Guardrails: Bringing DevOps and Security Together on Cloud

Products and Tools

Kubernetes Guardrails: Bringing DevOps and Security Together on Cloud

Alon Berger's avatar

Alon Berger

Deepfakes: A Nascent Cybersecurity Threat

Exposure Management

Deepfakes: A Nascent Cybersecurity Threat

Yotam Katz's avatar

Yotam Katz

InsightCloudSec Supports 12 New AWS Services Announced at re:Invent

Products and Tools

InsightCloudSec Supports 12 New AWS Services Announced at re:Invent

Chris DeRamus's avatar

Chris DeRamus

Metasploit Wrap-Up: 12/3/21

Threat Research

Metasploit Wrap-Up: 12/3/21

Spencer McIntyre's avatar

Spencer McIntyre

Hacky Holidays From Rapid7! Announcing Our New Festive Blog Series

Rapid7 Blog

Hacky Holidays From Rapid7! Announcing Our New Festive Blog Series

Jesse Mack's avatar

Jesse Mack

OWASP Top 10 Deep Dive: Identification and Authentication Failures

Cloud and Devops Security

OWASP Top 10 Deep Dive: Identification and Authentication Failures

Nathaniel Hierseman's avatar

Nathaniel Hierseman

Ongoing Exploitation of Windows Installer CVE-2021-41379

Exposure Management

Ongoing Exploitation of Windows Installer CVE-2021-41379

Glenn Thorpe's avatar

Glenn Thorpe

Active Exploitation of Apache HTTP Server CVE-2021-40438

Exposure Management

Active Exploitation of Apache HTTP Server CVE-2021-40438

Caitlin Condon's avatar

Caitlin Condon

Metasploit Wrap-Up: Nov. 26 2021

Threat Research

Metasploit Wrap-Up: Nov. 26 2021

Christophe De La Fuente's avatar

Christophe De La Fuente

OWASP Top 10 Deep Dive: Defending Against Server-Side Request Forgery

Cloud and Devops Security

OWASP Top 10 Deep Dive: Defending Against Server-Side Request Forgery

Neville O'Neill's avatar

Neville O'Neill