1 min
Welcome to Rapid7's Extension Forum
Rapid7 is excited to announce the launch of Rapid7 Discuss, a forum intended to serve as a home for analysts, developers, and security practitioners alike.
3 min
SOAR
Rapid7 Named 2019 Global SOAR Company of the Year by Frost & Sullivan
We are thrilled to announce that Frost & Sullivan has named Rapid7 as the Global SOAR Company of the Year after analyzing InsightConnect.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 2/21/20
Long live copy and paste
Adam Galway enhanced the set PAYLOAD command to strip the /payload/, payload/,
and / prefixes from a payload name in an effort to improve the user experience
while configuring an exploit's payload. You can see the new behavior
below!
msf5 exploit(windows/smb/ms17_010_eternalblue) > set payload /payload/windows/x64/meterpreter/reverse_tcp
payload => windows/x64/meterpreter/reverse_tcp
msf5 exploit(windows/smb/ms
4 min
InsightIDR
Rapid7 Named a Leader in Gartner Magic Quadrant for Security Information and Event Management (SIEM)
Rapid7 is thrilled to be recognized as a Leader in the 2020 Gartner Magic Quadrant for Security Information and Event Management (SIEM).
2 min
InsightAppSec
Dig Deeper in InsightAppSec with New Custom Dashboards Feature
To give customers more control over what types of data appear within InsightAppSec, we are pleased to announce our new custom dashboards feature.
8 min
InsightVM
ServiceNow CMDB Asset Import Using the InsightVM Integration for ServiceNow CMDB
This is part two of our series covering the recently released InsightVM Integration for ServiceNow CMDB application available on the ServiceNow Platform.
5 min
Public Policy
Hackers On The Hill - Slides and recap on cybersecurity policy
Recap of a presentation on the state of public policy related to cybersecurity and hacking from Hackers On The Hill 2020.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 2/14/20
Ricoh Privilege Escalation
No ink? No problem. Here’s some SYSTEM access. A new module
by our own space-r7
has been added to Metasploit Framework this week
that adds a privilege escalation exploit for various
Ricoh printer drivers on Windows
systems. This module takes advantage of CVE-2019-19363
by overwriting th
4 min
InsightAppSec
InsightVM + InsightAppSec: A Love Story
Today, we take a moment to appreciate how two of our products, InsightVM and InsightAppSec, work together to secure the entire tech stack for our customers.
5 min
Penetration Testing
Ask a Pen Tester Q&A, Part 2: Everything You Need to Know About the Art of Penetration Testing
We sat down with our own penetration testers to answer some of your questions about what exactly pen testing entails.
4 min
Cloud Security
How to Handle Misconfigurations in the Cloud
In part three of our four-part series on security in the cloud, we will cover how to handle misconfigurations in the cloud.
3 min
Patch Tuesday
Patch Tuesday - February 2020
A relatively modest 99-vulnerability February Patch Tuesday
has arrived with a fix for the Internet Explorer 0-day CVE-2020-0674
(originally ADV200001
)
announced back on January 17. Fortunately, that is the only vulnerability
reported this month th
3 min
Security Operations (SOC)
Intro to the SOC Visibility Triad
In this blog, we break-down the three pillars of the Security Operations Center (SOC) Visibility Triad.
2 min
Vulnerability Management
Rapid7 Analysis and Guidance: CDPwn (CVE-2020-3118)
This blog focuses on CVE-2020-3118, which Rapid7 considers to be the most severe and important of the CDPwn vulnerability group.
2 min
Metasploit
Metasploit Wrap-Up: Feb. 7, 2020
In the week after our CTF, we hope the players had a good time and got back to
their loved ones, jobs, lives, studies, and most importantly, back to their beds
(and you can find out who the winners were here
!).
For the Metasploit team, we went back to baking up fresh, hot modules and
improvements that remind us in this flu season to not just wash your hands, but
also, sanitize your inputs!
SOHOwabout a Shell?
Several