The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Automating the Cloud: AWS Security Done Efficiently

Detection and Response

Josh Frantz

Metasploit Wrap-Up 8/16/19

Products and Tools

William Vu

This One Time on a Pen Test: How I Compromised a Healthcare Portal Before My Hot Cocoa Went Cold

Exposure Management

Trevor O'Donnal

Responding to Cloud-Based Security Incidents with InsightConnect: AWS Security Hub

Security Operations

Tyler Terenzoni

Black Hat, DEF CON, and BSides 2019: Highlights and Emerging Industry Trends

Rapid7 Blog

Tod Beardsley

Patch Tuesday - August 2019

Exposure Management

Greg Wiseman

August 2019 Microsoft Remote Desktop Services (RDP) Patches: What You Need to Know

Vulnerabilities and Exploits

boB Rudis

Cloud Security Primer: The Basics You Need to Know

Detection and Response

Meaghan Buchanan

How to Protect the File System from Your App with WAFs and RASP

Products and Tools

Boris Chen

Metasploit Wrap-Up 8/9/19

Products and Tools

James Barnett

This One Time on a Pen Test: Paging Doctor Hackerman

Industry Trends

Nick Powers

The Importance of Preventing and Detecting Malicious PowerShell Attacks

Detection and Response

Rohit Chettiar

How to Monitor Your AWS S3 Activity with InsightIDR

Detection and Response

Alan Foster

Should You Use a SAST, DAST, or RASP Application Security Tool?

Cloud and Devops Security

Garrett Gross

Metasploit Wrap-Up 8/2/19

Products and Tools

Wei Chen

Introducing Pingback Payloads

Products and Tools

Brendan Watters

BlueKeep Exploits May Be Coming: Our Observations and Recommendations

Vulnerabilities and Exploits

boB Rudis

New Research: Investigating and Reversing Avionics CAN Bus Systems

Threat Research

Patrick Kiley

How to Automate Threat Hunting with SOAR for Faster Response Times

Security Operations

Christie Ott

Metasploit Wrap-Up 7/26/19

Products and Tools

Jeffrey Martin

Why the Modern SIEM Is in the Cloud

Detection and Response

Eric Sun