All Posts

1 min Security Nation

[Security Nation] Jacques Chester of Shopify Talks CVSS Scores

In this episode of Security Nation, Shopify Senior Staff Software Developer Jacques Chester joins Jen and Tod to discuss his intriguing paper on CVSS scores and the overall oddness of vulnerability distribution.

4 min Cloud Security

4 Strategies for Achieving Greater Visibility in the Cloud

Here are four ways to put visibility at the center of your cloud security approach and better understand what's going on in your environment.

2 min Detection and Response

Gimme! Gimme! Gimme! (More Data): What Security Pros Are Saying

Eight in 10 organizations collect, process, and analyze security operations data from more than 10 sources, but security analysts need even more.

5 min Vulnerability Disclosure

CVE-2022-30526 (Fixed): Zyxel Firewall Local Privilege Escalation

Rapid7 discovered a local privilege escalation vulnerability affecting Zyxel firewalls. The vulnerability allows a low privileged user, such as `nobody`, to escalate to `root` on affected firewalls.

2 min Application Security

Deploy tCell More Easily With the New AWS AMI Agent

We've introduced the AWS AMI Agent for tCell, which makes it easier to deploy tCell into your software development life cycle.

3 min Metasploit

Metasploit Weekly Wrap-Up

JBOSS EAP/AS - More Deserializations? Indeed! Community contributor Heyder Andrade [https://github.com/heyder] added in a new module for a Java deserialization vulnerability in JBOSS EAP/AS Remoting Unified Invoker interface for versions 6.1.0 and prior. As far as we can tell this was first disclosed by Joao Matos [https://github.com/joaomatosf] in his paper at AlligatorCon [https://s3.amazonaws.com/files.joaomatosf.com/slides/alligator_slides.pdf]. Later a PoC from Marcio Almeida [https://twit

4 min Vulnerability Management

InsightVM Release Update: Let’s Focus on Remediation for Just a Minute

We’re pleased to release two InsightVM updates that are aimed at not only improving VM program success but also reducing the effort to get you there.

3 min Application Security

It’s the Summer of AppSec: Q2 Improvements to Our Industry-Leading DAST and WAAP

Summer is in full swing, and that means soaring temps, backyard grill-outs, and the latest roundup of Q2 application security improvements from Rapid7.

4 min Career Development

Creating an Exceptional Workplace: Building and Expansion in a Post-COVID World

Rapid7 is celebrating the opening of its newly expanded and designed Reading, UK office, located in the Thames Valley District at Forbury Place.

7 min Vulnerability Management

Patch Tuesday - July 2022

One 0-day vulnerability, four Critical RCEs, and a whole bunch of fixes for Azure Site Recovery.

5 min Career Development

The Forecast Is Flipped: Flipping L&D to Ensure Continuous Growth

Here's how Rapid7 moved away from a one-size-fits-all approach to learning and put our Moose in the driver's seat of their development.

4 min Cloud Security

3 Key Challenges for Cloud Identity and Access Management

Here are three of the main challenges that security teams face when implementing a cloud IAM solution, as well as some strategies to help tackle them.

7 min Detection and Response

Rapid7 MDR Reduced Breaches by 90% via Greater Efficiency to Detect, Investigate, Respond to, and Remediate Breaches

No team can investigate every alert, but forging a valuable partnership with a an MDR provider can provide near-immediate headcount extension to your SOC.

3 min Metasploit

Metasploit Weekly Wrap-Up

DFSCoerce - Distributing more than just files DFS (Distributed File System) is now distributing Net-NTLM credentials thanks to Spencer McIntyre [https://github.com/zeroSteiner] with a new auxiliary/scanner/dcerpc/dfscoerce module that is similar to PetitPotam in how it functions. Note that unlike PetitPotam, this technique does require a normal domain user’s credentials to work. The following shows the workflow for targeting a 64-bit Windows Server 2019 domain controller. Metasploit is hostin

2 min Detection and Response

Today’s SOC Strategies Will Soon Be Inadequate

New research sponsored by Rapid7 explores the momentum behind SOC modernization and the role extended detection and response (XDR) plays.