• Close
  • Research Reports

    Managed to Mangled

    Managed to Mangled: SNMP Exploits for Network Management Systems

    This Rapid7 report explores attacking Network Management Systems (NMSs) over the Simple Network Management Protocol (SNMP), a protocol used extensively by NMSs to manage and monitor a wide variety of networked devices. Download and read the report to learn about our key findings.

    National Exposure Index

    National Exposure Index: Inferring Internet Security Posture by Country through Port Scanning

    This Rapid7 report offers an extensive and technical exploration of data derived from Project Sonar, our security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys across different services and protocols. Download and read the report to learn about our key findings.

    The Attacker's Dictionary - Auditing Criminal Credential Attacks

    The Attacker's Dictionary - Auditing Criminal Credential Attacks

    This paper is the product of nearly a year's worth of opportunistic credential scanning data collected from Heisenberg, Rapid7's public-facing network of low-interaction honeypots. Instead of focusing on the passwords that end users typically pick, with this data we can see what opportunistic scanners are using in order to test— and likely compromise— Internet connected point of sale (POS) systems, kiosks, and scamware-compromised desktop PCs which offer the Remote Desktop Protocol (RDP) service for remote management.

    2015 Incident Detection & Response Survey

    2015 Incident Detection & Response Survey

    Incident Detection & Response is a growing challenge – security teams are often understaffed, the attack surface for intruders is expanding, and it’s difficult to detect stealthy user-based attacks. Rapid7 surveyed 271 security professionals about the state of their incident response program, their primary security concerns/challenges, and their plans for 2016. Download the report to see the full results.

    Understanding User Behavior Analytics

    Understanding User Behavior Analytics

    This report, written by Rapid7’s Tod Beardsley and Roy Hodgman, explores four features of modern enterprise networking that will inform any strategy for detecting unusual user account behavior. Read it now to learn about these four features and how User Behavior Analytics (UBA) can be used to complement and extend your enterprise security program.

    HACKING IoT: A Case Study on Baby Monitor Exposures and Vulnerabilities

    Rapid7 researchers conducted in–depth security testing around several video baby monitors from a cross–section of manufacturers; all of the devices under test exhibited several common security issues. Read this report to learn about the 10 vulnerabilities that were discovered.

    SANS Report – Maturing and Specializing: Incident Response Capabilities Needed

    Learn more about the capabilities needed in your incident response program with this high–powered SANS report.

    SANS Product Review: Detect, Investigate, Scrutinize and Contain with Rapid7 UserInsight

    Recent security breaches show that even companies with good defenses often don't find out their systems are infected until outsiders tell them about it. Although the obvious goal for an IT security organization is to prevent a systems breach, we must assume our networks will be breached despite our best defenses. Download the SANS product review whitepaper of Rapid7's UserInsight to learn more about UserInsight's features and use, and how you can protect against compromised credentials and data breaches.

    SAP Penetration Testing Using Metasploit - How to Protect Sensitive ERP Data

    This in-depth research paper explores a number of methods to exploit vulnerabilities within the SAP enterprise resource planning (ERP) system. These methods have been implemented and published in the form of more than 50 modules for Metasploit, a free, open source software for penetration testing.The modules enable companies to test whether their own systems could be penetrated by an attacker.

    Rapid7 Report: Securing User Risk

    Rapid7 surveyed more than 550 organizations about the access and security controls they have in place to reduce the risk of user-oriented attacks.

    Rapid7 Report: Securing the Endpoint

    Rapid7 surveyed more than 600 organizations about the use of security protocols commonly deployed to protect against endpoint attacks.

    Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.

    This whitepaper details research conducted by Rapid7, which reveals that around 40-50 million network-enabled devices are at risk due to vulnerabilities found in the Universal Plug and Play (UPnP) protocol. UPnP enables devices such as routers, printers, network-attached storage (NAS), media players and smart TVs to communicate with each other. The paper investigates how three groups of security flaws relating to the UPnP protocol are exposing millions of users to attacks that could lead to a remote compromise of the vulnerable device.

    Rapid7 Report: Data Breaches in the Government Sector

    Rapid7, the leading provider of security risk intelligence solutions, analyzed data collected and categorized by the Privacy Rights Clearinghouse Chronology of Data Breaches. Using this data, the company outlined patterns for government data breaches, including year, month, location and breach type patterns. This information and tips for protecting infrastructure can ensure that government IT environments stay protected against malicious attacks and unintended disclosure.