4 min
Cloud Security
4 DevOps Challenges to Cloud Security and Compliance—and How IaC Can Help
There are many challenges on the road to the goal of a super-efficient working relationship between DevOps and cloud security. Let’s take a look at 4 of those challenges & how security organizations can leverage Infrastructure-as-Code (IaC) templates to go from a reaction to a prevention culture.
3 min
Kubernetes Security
Kubernetes Security Is Not Container Security
I recently had an interesting discussion with Gianluca Brindisi from Spotify about the differences between Kubernetes security and container security.
5 min
Kubernetes Security
Securing Kubernetes Deployments From Runway to Takeoff
Kubernetes use is rising rapidly—according to a 2019 Cloud Native Computing Foundation (CNCF) survey, 78% of respondents say they use Kubernetes today (58% more respondents than the previous year).
6 min
Career Development
Grow, Develop, and Impact More Than Just Your Career: Software Engineering at Rapid7 Belfast
As an employee-first organization, Rapid7 does its best to support, encourage, and provide resources to employees to ensure they are able to continue progressing in their careers and feel adequately supported in doing so.
3 min
Metasploit
Metasploit Wrap-Up: 4/30/21
New modules for vRealize, Druid, Redis, and more! Also some nice improvements and fixes.
4 min
ICER Reports
Rapid7's 2021 ICER Takeaways: Web Security Among the Fortune 500
There are very few security measures that should be applied to all web applications across the board without further subdividing what specific type of application we are referring to. However, there are a couple that we will examine here.
3 min
Application Security
DevSecOps and the New Scope of Application Development
As expectations of developers change, so too do those of security teams. It’s more of a collective effort than ever as business dependence on applications continues to grow.
2 min
InsightCloudSec
What's New in DivvyCloud by Rapid7: April 2021
This month, we’d like to focus on one key area of change included in this release: the scheduler.
4 min
ICER Reports
Rapid7's 2021 ICER Takeaways: Email Security Among the Fortune 500
We all know and love—or at least begrudgingly rely upon—email. It is a pillar of modern communications, but is unfortunately also highly susceptible to being leveraged as a mechanism for malicious actions, such as spoofing or phishing.
3 min
InsightVM
What’s New in InsightVM: Q1 2021 in Review
Here now is a rundown of new features and functionality launched in Q1 2021 for InsightVM and Insight Cloud. We hope you can begin to leverage these changes to drive success across your organization.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 4/23/21
New session validation enhancements across command shell types verify sessions have been established and are responsive before they can be used. Plus, JSON RPC service improvements, three new modules, and more fixes and enhancements.
5 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 8: Rapid7 Incident Response (Breach) Support
Having the best threat detection methodologies, a streamlined and efficient process for validating threats, and a rock-solid reporting standard may still leave you open to unexpected costs.
3 min
Emergent Threat Response
Active Exploitation of Pulse Connect Secure Zero-Day (CVE-2021-22893)
On Tuesday, FireEye published detailed analysis of multiple threat campaigns targeting Ivanti’s Pulse Connect Secure VPN.
3 min
Cloud Security
The Future is Friction-Free: Drive Innovation With DevOps + SecOps
How can DevOps and IT teams work and innovate in a friction-reduced or—we can all dream—a friction-free way?
3 min
Open Source
Rapid7 and Velociraptor Join Forces
Rapid7 has acquired a digital forensics and incident response (DFIR) framework called Velociraptor.