3 min
InsightIDR
InsightIDR AI Alert Triage Automatically Classifies Alerts with 99.93% Accuracy
Rapid7's AI Alert Triage – trained and tested by the Rapid7 global MDR service across trillions of alerts worldwide — will soon be available to users of our next-gen SIEM, InsightIDR, at no additional cost.
5 min
Managed Detection and Response (MDR)
Deepening the MDR partnership: Rapid7 now delivers Active Remediation with Velociraptor
Powered by our best-in-class, open-source digital forensics and incident response (DFIR) tool, Rapid7 MDR analysts can take direct, approved remediation actions on your behalf.
4 min
Exposure Command
Driving down MTTR with Remediation Hub, Available in Rapid7 Exposure Command
Rapid7’s Remediation Hub enables security teams to go beyond simply identifying vulnerabilities and focus more on remediating risk.
5 min
Exposure Command
From Exposure to Assurance: Unified Remediation Across the Security Lifecycle
Rapid7’s Exposure Command directly addresses this gap, combining advanced risk-based vulnerability management (RBVM) with environmental context, threat intelligence, and native workflow automation.
2 min
Exposure Command
Introducing Rapid7’s Exposure Assessment Platform Buyer’s Guide
To help organizations navigate this rapidly changing threat landscape, we are excited to introduce the Exposure Assessment Platform (EAP) Buyer’s Guide.
3 min
Emergent Threat Response
Active exploitation of SAP NetWeaver Visual Composer CVE-2025-31324
A critical SAP NetWeaver zero-day vulnerability (CVE-2025-31324) that allows for full SAP server compromise is being actively exploited in the wild.
4 min
Metasploit
Metasploit Wrap-Up 04/25/2025
AD CS workflow improvement with new PKCS12 features
Given the increasing popularity of AD CS misconfiguration exploitation in recent
years, Metasploit has been consistently improving its capabilities in this area.
This week’s release introduces a new certs command to the msfconsole, enabling
users to manage PKCS12 certificates stored in the database, similar to the klist
command
2 min
Managed Detection and Response (MDR)
THE NEW Rapid7 MDR for Enterprise: Tailored Detection and Response for Complex Environments
We’re excited to introduce Rapid7 MDR for Enterprise—a fully managed, customized detection and response service designed to meet the complexity of the modern enterprise head-on.
5 min
Threat Intel
From Noise to Action: Introducing Intelligence Hub
We are delighted to announce the availability of Intelligence Hub, an evolution in threat intelligence delivery that is designed to provide meaningful context and actionable insights integrated with the Rapid7 Command Platform.
2 min
Events
Top Lessons from Take Command 2025
Take Command 2025 delivered big insights on AI, exposure management, red teaming, and cloud defense. Catch up with on-demand sessions.
2 min
Metasploit
Metasploit Wrap-Up 04/18/2025
Smaller Fetch Payloads
This week, a significant enhancement was made to the already awesome fetch
payload
feature by our very own bwatters-r7 . The
improvement introduces a new option, PIPE_FETCH, which optimizes the process by
serving both the payload and the command to be executed simultaneously.
This enhancement directly addresses the challenge of limited s
1 min
Vulnerability Management
Following the News: MITRE’s Common Vulnerabilities and Exposures (CVE) Funding
Rapid7 continues to monitor both public and private discussions closely in its capacity as a CVE Numbering Authority (CNA) and as a longtime leader and participant in the CVE ecosystem.
2 min
Events
Take Command 2025: A Day of Insight, Innovation, and Impact
Explore top insights from Take Command 2025—ransomware, AI, red teaming, and more. All sessions now available on demand.
3 min
Metasploit
Metasploit Weekly Wrap-Up 04/11/2025
Spring Exploits
This weekly release of Metasploit Framework includes new RCE exploit modules for
several vulnerable applications: Appsmith, a low-code application platform which
contains a misconfiguration on PostgreSQL (CVE-2024-55964); Pandora FMS, a
monitoring solution, where, once gained access to the administrator panel is
possible to inject commands (CVE-2024-12971); Oracle Access Manager, a SSO
application containing an unauthenticated deserialization vulnerability
(CVE-2021-35587); and p
5 min
Detection and Response
Password Spray Attacks Taking Advantage of Lax MFA
In the first quarter of 2025, Rapid7’s Managed Threat Hunting team observed a significant volume of brute-force password attempts leveraging FastHTTP, a high-performance HTTP server and client library for Go, to automate unauthorized logins via HTTP requests.