The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Metasploit Wrap-Up 1/4/19

Products and Tools

Metasploit Wrap-Up 1/4/19

Erin Bleiweiss's avatar

Erin Bleiweiss

Happy HaXmas! Year-End Internet Scanning Observations

Threat Research

Happy HaXmas! Year-End Internet Scanning Observations

Jon Hart's avatar

Jon Hart

Santa's ELFs: Running Linux Executables Without execve

Exposure Management

Santa's ELFs: Running Linux Executables Without execve

Adam Cammack's avatar

Adam Cammack

The Ghost of Exploits Past: A Deep Dive into the Morris Worm

Threat Research

The Ghost of Exploits Past: A Deep Dive into the Morris Worm

William Vu's avatar

William Vu

HaXmas Review: 12 Patch Tuesdays a-Patching

Detection and Response

HaXmas Review: 12 Patch Tuesdays a-Patching

Greg Wiseman's avatar

Greg Wiseman

The Layer 8(th) Day of Christmas: Rapid7 Pen Testers Reveal Social Engineering Insights at Recent Conference

Exposure Management

The Layer 8(th) Day of Christmas: Rapid7 Pen Testers Reveal Social Engineering Insights at Recent Conference

Patrick Laverty's avatar

Patrick Laverty

Advice for the Lazy Family Sysadmin

Exposure Management

Advice for the Lazy Family Sysadmin

Brent Cook's avatar

Brent Cook

Once a Haxer, Always a Haxor

Threat Research

Once a Haxer, Always a Haxor

Deral Heiland's avatar

Deral Heiland

The New Shiny: Memorable Metasploit Moments of 2018

Products and Tools

The New Shiny: Memorable Metasploit Moments of 2018

Caitlin Condon's avatar

Caitlin Condon

R7-2018-52: Guardzilla IoT Video Camera Hard-Coded Credential (CVE-2018-5560)

Vulnerabilities and Exploits

R7-2018-52: Guardzilla IoT Video Camera Hard-Coded Credential (CVE-2018-5560)

Tod Beardsley's avatar

Tod Beardsley

The Return of Snapid Kevin to the North Pole

Exposure Management

The Return of Snapid Kevin to the North Pole

Jonathan Stines's avatar

Jonathan Stines

The 12 Days of HaXmas: A Festive Blog Series Recapping Security in 2018

Exposure Management

The 12 Days of HaXmas: A Festive Blog Series Recapping Security in 2018

Tod Beardsley's avatar

Tod Beardsley

Metasploit Wrapup 12/21/18

Products and Tools

Metasploit Wrapup 12/21/18

Sonny Gonzalez's avatar

Sonny Gonzalez

Rsunk your Battleship: An Ocean of Data Exposed through Rsync

Threat Research

Rsunk your Battleship: An Ocean of Data Exposed through Rsync

Jon Hart's avatar

Jon Hart

How to Use the InsightVM Policy Compliance Status Report to Measure Benchmark Configurations

Exposure Management

How to Use the InsightVM Policy Compliance Status Report to Measure Benchmark Configurations

Jesika McEvoy's avatar

Jesika McEvoy

Rapid7 Partners with AWS Security Hub for Deeper Vulnerability Reporting

Exposure Management

Rapid7 Partners with AWS Security Hub for Deeper Vulnerability Reporting

Alfred Chung's avatar

Alfred Chung

Windows Event Forwarding: The Best Thing You’ve Never Heard Of

Detection and Response

Windows Event Forwarding: The Best Thing You’ve Never Heard Of

Josh Frantz's avatar

Josh Frantz

Charting the Forthcoming PHPocalypse in 2019

Threat Research

Charting the Forthcoming PHPocalypse in 2019

boB Rudis's avatar

boB Rudis

Metasploit Wrapup 12/14/18

Products and Tools

Metasploit Wrapup 12/14/18

Shelby Pace's avatar

Shelby Pace

Securing Buckets with Amazon S3 Block Public Access

Threat Research

Securing Buckets with Amazon S3 Block Public Access

Rapid7's avatar

Rapid7

Metasploit Wrapup 12/7/18

Exposure Management

Metasploit Wrapup 12/7/18

Brendan Watters's avatar

Brendan Watters