All Posts

2 min Events

[VIDEO] An Inside Look at AWS re:Inforce 2022 From the Rapid7 Team

We asked three of our Rapid7 team members to answer a few questions and give us their experience from AWS re:Inforce 2022.

1 min Lost Bots

[The Lost Bots] Season 2, Episode 2: The Worst and Best Hollywood Cybersecurity Depictions

In this episode, our hosts walk us through the most hilariously bad and surprisingly accurate depictions of cybersecurity in popular film and television.

5 min Vulnerability Management

What’s New in InsightVM and Nexpose: Q2 2022 in Review

We made several investments to both InsightVM and Nexpose throughout Q2 2022 that will help teams improve and automate vulnerability management.

2 min Emergent Threat Response

Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26138

Exploitation is underway CVE-2022-26138, one of a trio of critical Atlassian vulnerabilities affecting the company's on-premises products.

3 min Ransomware

To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved

Our research shows the "market share" of ransomware groups and how much they focused on different types of data.

5 min SOAR

5 SOAR Myths Debunked

As organizations increasingly use SOAR systems to keep up with their security operations challenges, here are 5 SOAR myths worth debunking.

3 min AWS

Rapid7 at AWS re:Inforce: 2 Big Announcements

Here's a look at how Rapid7 is building on our existing partnership with Amazon Web Services to help organizations securely advance.

3 min Vulnerability Disclosure

CVE-2022-35629..35632 Velociraptor Multiple Vulnerabilities (FIXED)

This advisory covers a number of issues identified in Velociraptor and fixed as of Version 0.6.5-2, released July 26, 2022.

2 min Compliance

ISO 27002 Emphasizes Need For Threat Intelligence

Earlier this year, the International Organization for Standardization (ISO) released ISO 27002, which features a dedicated threat intelligence control.

3 min AWS

What We’re Looking Forward to at AWS re:Inforce

Here's a sneak peak at some of the highlights to come this week at AWS re:Inforce and what we're looking forward to the most.

3 min Metasploit

Metasploit Weekly Wrap-Up

The past, present and future of Metasploit Don't miss Spencer McIntyre's talk on the Help Net Security's blog [https://www.helpnetsecurity.com/2022/07/20/past-present-future-metasploit-video/] . Spencer is the Lead Security Researcher at Rapid7 and speaks about how Metasploit has evolved since its creation back in 2003. He also explains how the Framework is addressing today's offensive security challenges and how important is the partnership with the community. LDAP swiss army knife This week,

4 min Cloud Security

Cloud Threat Detection: To Agent or Not to Agent?

Should you be using agents to secure cloud applications, or not? The answer depends on what exactly you're trying to secure.

3 min Detection and Response

Simplify SIEM Optimization With InsightIDR

For far too many years, security teams have accepted that with a SIEM comes compromise. With InsightIDR, you can have the best of both worlds.

4 min SOAR

Deploying a SOAR Tool Doesn’t Have to Be Hard: I’ve Done It Twice

Here are some lessons learned launching and steps for success when launching a SOAR tool for the first time.

4 min Detection and Response

4 Key Statistics to Build a Business Case for an MDR Partner

Any MDR financial justification will come down to four main factors: return on investment (ROI), savings from building out your SOC team, the reduction in risk to your organization, and the time to see value/impact.