All Posts

1 min Industry Cyber-Exposure Report (ICER)

Rapid7 Releases New Industry Cyber-Exposure Report (ICER): ASX 200

Today, we are excited to release the third report in our Industry Cyber-Exposure Report (ICER) series, which digs into cyber-exposure among organizations in Australia’s ASX 200.

4 min Cloud Security

4 DevOps Challenges to Cloud Security and Compliance—and How IaC Can Help

There are many challenges on the road to the goal of a super-efficient working relationship between DevOps and cloud security. Let’s take a look at 4 of those challenges & how security organizations can leverage Infrastructure-as-Code (IaC) templates to go from a reaction to a prevention culture.

3 min Kubernetes

Kubernetes Security Is Not Container Security

I recently had an interesting discussion with Gianluca Brindisi from Spotify about the differences between Kubernetes security and container security.

5 min Kubernetes

Securing Kubernetes Deployments From Runway to Takeoff

Kubernetes use is rising rapidly—according to a 2019 Cloud Native Computing Foundation (CNCF) survey, 78% of respondents say they use Kubernetes today (58% more respondents than the previous year).

6 min Career Development

Grow, Develop, and Impact More Than Just Your Career: Software Engineering at Rapid7 Belfast

As an employee-first organization, Rapid7 does its best to support, encourage, and provide resources to employees to ensure they are able to continue progressing in their careers and feel adequately supported in doing so.

3 min Metasploit

Metasploit Wrap-Up

New modules for vRealize, Druid, Redis, and more! Also some nice improvements and fixes.

4 min Industry Cyber-Exposure Report (ICER)

Rapid7's 2021 ICER Takeaways: Web Security Among the Fortune 500

There are very few security measures that should be applied to all web applications across the board without further subdividing what specific type of application we are referring to. However, there are a couple that we will examine here.

3 min DevSecOps

DevSecOps and the New Scope of Application Development

As expectations of developers change, so too do those of security teams. It’s more of a collective effort than ever as business dependence on applications continues to grow.

1 min

[Security Nation] Marina Ciavatta and int eighty Put the Fun into Hacking With Hacking Esports and Dual Core Music

In this episode of Security Nation, we are joined by Marina Ciavatta and int eighty to talk about Hacking ESports, their "quarantine project that got out of control."

2 min DivvyCloud

What's New in DivvyCloud by Rapid7: April 2021

This month, we’d like to focus on one key area of change included in this release: the scheduler.

4 min Industry Cyber-Exposure Report (ICER)

Rapid7's 2021 ICER Takeaways: Email Security Among the Fortune 500

We all know and love—or at least begrudgingly rely upon—email. It is a pillar of modern communications, but is unfortunately also highly susceptible to being leveraged as a mechanism for malicious actions, such as spoofing or phishing.

3 min InsightVM

What’s New in InsightVM: Q1 2021 in Review

Here now is a rundown of new features and functionality launched in Q1 2021 for InsightVM and Insight Cloud. We hope you can begin to leverage these changes to drive success across your organization.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

New session validation enhancements across command shell types verify sessions have been established and are responsive before they can be used. Plus, JSON RPC service improvements, three new modules, and more fixes and enhancements.

5 min Managed Detection and Response

MDR Vendor Must-Haves, Part 8: Rapid7 Incident Response (Breach) Support

Having the best threat detection methodologies, a streamlined and efficient process for validating threats, and a rock-solid reporting standard may still leave you open to unexpected costs.

3 min News

Active Exploitation of Pulse Connect Secure Zero-Day (CVE-2021-22893)

On Tuesday, FireEye published detailed analysis of multiple threat campaigns targeting Ivanti’s Pulse Connect Secure VPN.