Rapid7 Labs
Cybersecurity Intelligence, Threat Data, and Research
Rapid7 Labs tracks adversaries, shares proprietary, curated intelligence and research, and builds trusted open-source communities—all to help you improve your security program.
Predictive lead time is a thing of the past. Now, it’s about your ability to move smarter, not just faster. Organizations that reduce the preventable conditions attackers monetize before exploitation occurs, can regain a measure of control.
New
2026 Global Threat Landscape Report
The predictive window has collapsed as AI-driven attacks outpace reactive security models. Exploitation follows disclosure in days, ransomware has become sophisticated and industrialized, and identity, cloud, and edge systems are prime targets for attack.
Executive Digital Footprints Threat Report
This report reveals how public data, leaked credentials, and social media can expose the digital footprints of executives, opening them and their organizations to significant risk. It also compares U.S. and European executives on a proprietary scale.
.jpg%3Fauto%3Davif&w=3840&q=75)
Q3 2025 Threat Landscape Report
Rapid7’s Q3 2025 Threat Landscape Report reveals how cyber threats are accelerating in speed, sophistication, and scale. Attackers are weaponizing vulnerabilities within days, using AI to automate deception, and performing calculated attacks on critical business infrastructure. The report offers data-driven insights and practical guidance to help defenders outpace evolving adversaries.
Yes, you know Rapid7 Labs
Metasploit modules for threat-informed purple teaming
Open-source researchers, pen testers, and threat hunters
Metasploit modules for threat-informed purple teaming
Open-source researchers, pen testers, and threat hunters
11,000+ customers are safer, and so is everybody else
Curated threat intel and AI, baked in
Rapid7 Labs holds a slew of AI patents that power risk and threat analysis, and detect threats faster and prioritize vulnerabilities better.
Big issues & emergent threats
In 2023, we tracked over 160 state-sponsored attacks—from one-off APT attacks to ongoing tracking of almost daily activity from APT groups.
Security communities for everyone
Our open-source projects like Metasploit, Velociraptor, and AttackerKB have bi-directional feeds into our platform solutions.
Internet-scale data and research
Get easy insight into public internet exposure and exploit prevalence with Project Sonar, our internet-wide scanning technology, and our honeypot network Project Lorelei.
Curated threat intel and AI, baked in
Rapid7 Labs holds a slew of AI patents that power risk and threat analysis, and detect threats faster and prioritize vulnerabilities better.
Big issues & emergent threats
In 2023, we tracked over 160 state-sponsored attacks—from one-off APT attacks to ongoing tracking of almost daily activity from APT groups.
Security communities for everyone
Our open-source projects like Metasploit, Velociraptor, and AttackerKB have bi-directional feeds into our platform solutions.
Internet-scale data and research
Get easy insight into public internet exposure and exploit prevalence with Project Sonar, our internet-wide scanning technology, and our honeypot network Project Lorelei.
Real-time emergent threat guidance
Between Rapid7 Labs and our 24/7 follow-the-sun MDR, we observe 3.3 trillion security events every week. We perform in-depth technical analysis of emergent attack vectors, follow attacks as they evolve, and communicate indicators of compromise and next-step guidance in real time—click below to see our latest emergent threat coverage.
Your data may be everywhere, but so are we
Always-on expertise about emerging threats
Global cybersecurity experts join Rapid7’s Chief Scientist Raj Samani to reveal how you can better anticipate and defend against tomorrow’s adversaries in this on-demand webinar.
Preventing breaches earlier across your attack surface
Take attackers out before they pop you. It’s proactive, comprehensive coverage for your entire environment from the endpoint to the cloud.
Defending the distributed and far-flung
Japan is an economic juggernaut with subsidiaries and affiliates at unique and elevated risk of attack around the world. Of course Rapid7 Labs studied it.
Preventing breaches earlier across your attack surface
Take attackers out before they pop you. It’s proactive, comprehensive coverage for your entire environment from the endpoint to the cloud.
Expert intelligence infused into Rapid7 products and services
Intelligence from Rapid7 Labs is built into our products and service offerings to help prioritize risks and uncover threats. This includes vulnerability checks in InsightVM, behavioral detections in InsightIDR and MDR, attack modules in InsightAppSec, exploits in Metasploit, and more.
Meet the research and intelligence teams doing unambiguous good
Raj Samani
Chief scientist
Christiaan Beek
Threat analytics
Building a more secure future with open source communities
Metasploit
Penetration testing software with a growing database of exploits so you can simulate real-world attacks on your network and train your security team to spot and stop the real thing.
AttackerKB
Alongside the greater security community, discuss, analyze, and expand your knowledge of conditions and characteristics that make vulnerabilities exploitable by attackers.
Interested in threat intelligence product offerings from Rapid7?
Products and Tools
Metasploit Wrap-Up 03/20/2026
Brendan Watters
Products and Tools
Negotiating with the Board: Translating Active Risk into Financial Exposure
Trevor Christiansen
Vulnerabilities and Exploits
CVE-2026-31381, CVE-2026-31382: Gainsight Assist Information Disclosure and Cross-Site Scripting (FIXED)
Christopher O’Boyle