The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
How to Protect the File System from Your App with WAFs and RASP

Products and Tools

How to Protect the File System from Your App with WAFs and RASP

Boris Chen's avatar

Boris Chen

Metasploit Wrap-Up 8/9/19

Products and Tools

Metasploit Wrap-Up 8/9/19

James Barnett's avatar

James Barnett

This One Time on a Pen Test: Paging Doctor Hackerman

Industry Trends

This One Time on a Pen Test: Paging Doctor Hackerman

Nick Powers's avatar

Nick Powers

The Importance of Preventing and Detecting Malicious PowerShell Attacks

Detection and Response

The Importance of Preventing and Detecting Malicious PowerShell Attacks

Rohit Chettiar's avatar

Rohit Chettiar

How to Monitor Your AWS S3 Activity with InsightIDR

Detection and Response

How to Monitor Your AWS S3 Activity with InsightIDR

Alan Foster's avatar

Alan Foster

Should You Use a SAST, DAST, or RASP Application Security Tool?

Cloud and Devops Security

Should You Use a SAST, DAST, or RASP Application Security Tool?

Garrett Gross's avatar

Garrett Gross

Metasploit Wrap-Up 8/2/19

Products and Tools

Metasploit Wrap-Up 8/2/19

Wei Chen's avatar

Wei Chen

Introducing Pingback Payloads

Products and Tools

Introducing Pingback Payloads

Brendan Watters's avatar

Brendan Watters

BlueKeep Exploits May Be Coming: Our Observations and Recommendations

Vulnerabilities and Exploits

BlueKeep Exploits May Be Coming: Our Observations and Recommendations

boB Rudis's avatar

boB Rudis

New Research: Investigating and Reversing Avionics CAN Bus Systems

Threat Research

New Research: Investigating and Reversing Avionics CAN Bus Systems

Patrick Kiley's avatar

Patrick Kiley

How to Automate Threat Hunting with SOAR for Faster Response Times

Security Operations

How to Automate Threat Hunting with SOAR for Faster Response Times

Christie Ott's avatar

Christie Ott

Metasploit Wrap-Up 7/26/19

Products and Tools

Metasploit Wrap-Up 7/26/19

Jeffrey Martin's avatar

Jeffrey Martin

Why the Modern SIEM Is in the Cloud

Detection and Response

Why the Modern SIEM Is in the Cloud

Eric Sun's avatar

Eric Sun

Ensuring Timely Remediation of Security Risks with Service-Level Agreements (SLAs) in InsightVM

Exposure Management

Ensuring Timely Remediation of Security Risks with Service-Level Agreements (SLAs) in InsightVM

Bulut Ersavas's avatar

Bulut Ersavas

Beyond Static Rules: WAF vs. RASP for Better Web Application Security

Products and Tools

Beyond Static Rules: WAF vs. RASP for Better Web Application Security

Bria Grangard's avatar

Bria Grangard

Metasploit Wrap-Up: 7/19/19

Products and Tools

Metasploit Wrap-Up: 7/19/19

Jacob Robles's avatar

Jacob Robles

Why Having the Right Team Is Vital to Advancing Security

Industry Trends

Why Having the Right Team Is Vital to Advancing Security

Bri Hand's avatar

Bri Hand

End of Sale Announced for Metasploit Community

Products and Tools

End of Sale Announced for Metasploit Community

Justin Buchanan's avatar

Justin Buchanan

Your Guide to Securing Multi-Cloud Environments in an IaaS World

Detection and Response

Your Guide to Securing Multi-Cloud Environments in an IaaS World

Meaghan Buchanan's avatar

Meaghan Buchanan

Metasploit Open Source Office Hours: Vegas 2019

Products and Tools

Metasploit Open Source Office Hours: Vegas 2019

Pearce Barry's avatar

Pearce Barry

Metasploit Wrap-Up 7/12/19

Products and Tools

Metasploit Wrap-Up 7/12/19

Erin Bleiweiss's avatar

Erin Bleiweiss