The Rapid7 Blog:
Your Signal in the Security Noise
Insights, stories, and guidance from our global security and research teams.
Featured posts
3894 Results

Detection and Response
Better Together: XDR, SOAR, Vulnerability Management, and External Threat Intelligence
Matthew Gardiner

Exposure Management
Metasploit Wrap-Up: Nov. 12, 2021
Alan David Foster

Threat Research
Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 4
Deral Heiland

Threat Research
Time to Act: Bridging the Gap in Cloud Automation Adoption
Erica Azad

Industry Trends
Update to GLBA Security Requirements for Financial Institutions
Harley Geiger

Exposure Management
CVE-2021-43287 Allows Pre-Authenticated Build Takeover of GoCD Pipelines
Caitlin Condon

Products and Tools
tCell by Rapid7 Supports the Newly Released .NET 6.0
Bria Grangard

Threat Research
Rapid7 Analysis: Pre-Auth Takeover of Build Pipelines in GoCD (CVE-2021-43287)
Rapid7 Labs

Vulnerabilities and Exploits
Opportunistic Exploitation of Zoho ManageEngine and Sitecore CVEs
Caitlin Condon

Threat Research
Rapid7 Analysis: CVE-2021-42237
Rapid7 Labs

Detection and Response
InsightIDR Was XDR Before XDR Was Even a Thing: An Origin Story
Sam Adams

Cloud and Devops Security
OWASP Top 10 Deep Dive: Getting a Clear View on Vulnerable and Outdated Components
Amukta Nayak

Exposure Management
Metasploit Wrap-Up: 11/5/21
Spencer McIntyre

Vulnerabilities and Exploits
New NPM library hijacks (coa and rc)
Caitlin Condon

Security Operations
2022 Planning: The Path to Effective Cybersecurity Maturity
Jesse Mack

Vulnerabilities and Exploits
Trojan Source CVE-2021-42572: No Panic Necessary
boB Rudis

Threat Research
Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 3
Deral Heiland

Security Operations
Building Threat-Informed Defenses: Rapid7 Experts Share Their Thoughts on MITRE ATT&CK
Margaret Wei

Products and Tools
InsightVM Scan Diagnostics: Troubleshooting Credential Issues for Authenticated Scanning
Greg Wiseman

Cloud and Devops Security
A Matter of Perspective: Agent-Based and Agentless Approaches to Cloud Security, Part 2
Amit Bawer

Products and Tools
Solving the Access Goldilocks Problem: RBAC for InsightAppSec Is Here
Tom Caiazza


