3 min
Emergent Threat Response
CVE-2022-3786 and CVE-2022-3602: Two High-Severity Buffer Overflow Vulnerabilities in OpenSSL Fixed
The Rapid7 research team will update this blog post as we learn more details about this vulnerability and its attack surface area.
The OpenSSL [https://www.openssl.org/] project released [https://www.openssl.org/news/cl30.txt] version 3.0.7 on November 1, 2022, to address CVE-2022-3786 and CVE-2022-3602 [https://www.openssl.org/news/secadv/20221101.txt], two high-severity vulnerabilities affecting OpenSSL’s 3.0.x version stream discovered and reported by Polar Bear and Viktor Dukhovni. OpenSSL
3 min
7 Rapid Questions
7 Rapid Questions with Toshio Honda, Sr. Security Solutions Engineer
Rapid7 sat down with Senior Security Solutions Engineer, Toshio Honda, to discuss their career and time at Rapid7.
2 min
Cloud Security
Emerging best practices for securing cloud-native environments
As technology evolves and threats change rapidly, organizations that stay abreast of the latest developments, trends, and industry standards tend to have fewer security risks than those that don't.
3 min
InsightIDR
A SIEM With a Pen Tester's Eye: How Offensive Security Helps Shape InsightIDR
At Rapid7, our laser-focus has always been trained on one thing: helping digital defenders spot and stop bad actors. From the start of our story, penetration testing — or pen testing, for short — has been one of the cornerstones of that obsession.
1 min
Lost Bots
[The Lost Bots] S02E04: Cyber's Most Dangerous Game — Threat Hunting
In this episode of The Lost Bots, our hosts dive into the practical side of getting your threat hunting efforts up and running.
3 min
Career Development
5 Things Rapid7 Looks for in a BDR, and How We Spot Them
Our Talent Acquisition Partner, Lauren Coloumbe, shares five things we look for in BDRs and how we spot them in the interview process.
1 min
Lost Bots
[The Lost Bots] S02E03: Browser-in-Browser Attacks — Don't Get (Cat)-Phished
In this Lost Bots episode, our hosts talk phishing — not the everyday kind, but a new technique known as browser-in-browser attacks.
2 min
Detection and Response
OCSF: Working Together to Standardize Data
Rapid7 and other security vendors are collaborating on an Open Cybersecurity Schema Framework (OCSF), an open standard for both data producers and users.
3 min
Career Development
How One Engineer Upskilled Into a Salesforce Engineering Role at Rapid7
When our Engineering team was searching for candidates to help with our Salesforce ecosystem, one engineer stepped up to the challenge of a new role.
4 min
Security Strategy
Building Cybersecurity KPIs for Business Leaders and Stakeholders
In this post, we discuss how to operationalise security into an overall strategy measured by cybersecurity KPIs.
1 min
Lost Bots
[The Lost Bots] Season 2, Episode 2: The Worst and Best Hollywood Cybersecurity Depictions
In this episode, our hosts walk us through the most hilariously bad and surprisingly accurate depictions of cybersecurity in popular film and television.
5 min
Security Strategy
How to Build and Enable a Cyber Target Operating Model
In a recent webinar, Rapid7's EMEA CTO Jason Hart explained the journey to a targeted operating cybersecurity model.
2 min
Career Development
Rapid7 Belfast Recognized for “Company Connection” During COVID-19 Pandemic
Irish News has recognized Rapid7 in its Workplace and Employment Awards, where we’ve taken home the trophy for Best Company Connection.
1 min
Lost Bots
[The Lost Bots] Season 2, Episode 1: SIEM Deployment in 10 Minutes
In the first installment of Season 2 of The Lost Bots, hosts Jeffrey Gardner and Stephen Davis give us their 5 pillars of success for SIEM deployment.
2 min
Awards
Two Rapid7 Solutions Take Top Honors at SC Awards Europe
We are pleased to announce that two Rapid7 solutions were recognized on Tuesday, June 21, at the prestigious SC Awards Europe.