1 min
AWS
AWS Graviton Processor Support on Insight Agent
We are pleased to announce that the Insight Agent now supports the AWS Graviton processor. The Insight Agent supports various operating systems using the AWS Graviton processor.
5 min
XDR
2023 Cybersecurity Industry Predictions
Rapid7 has put together a webinar featuring some of Rapid7’s leading thinkers on the subject — and an important voice from a valued customer — to discuss some of the lessons learned and give their take on what 2023 will look like.
3 min
InsightIDR
About Anomalous Data Transfer detection in InsightIDR
Data exfiltration is an unauthorized movement or transfer of data occurring on an organization’s network. Identifying this cyber risk is integral to securing your organization’s network.
3 min
Vulnerability Disclosure
CVE-2022-4261: Rapid7 Nexpose Update Validation Issue (FIXED)
Nexpose version 6.6.172 fixes an issue with how Nexpose validates update packages, CVE-2022-4261.
2 min
Security Strategy
ISO 27001 Certification: What it is and why it matters
Rapid7's ISMS is ISO 27001 certified. This certification validates that our security strategy and processes meet very high standards and underscores our commitment to corporate and customer data security.
2 min
IoT
Get your head in the cloud(s)
Many organizations are in the midst of adopting the cloud faster than ever before; it’s arguably mission critical for their success and longevity.
1 min
Android
Leaked Android Platform Certificates Create Risks for Users
A new report contains 10 different platform certificates and malware sample SHA256 sums where the malware sample had been signed by a platform certificate.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 12/2/22
ProxyNotShell
This week's Metasploit release includes an exploit module for CVE-2022-41082,
AKA ProxyNotShell by DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q, Orange Tsai
, Piotr Bazydło
, Rich Warren
, Soroush Dalili
, and our very own Spencer McIntyre . The
vulnerability CVE-2022-41082, AKA ProxyNotShell is a deserialization flaw in
Microsoft Exchang
8 min
Velociraptor
Velociraptor Version 0.6.7: Better Offline Collection, Encryption, and an Improved NTFS Parser Dig Deeper Than Ever
Rapid7 is excited to announce the release of version 0.6.7 of Velociraptor – an advanced, open-source digital forensics and incident response (DFIR) tool.
3 min
Security Operations (SOC)
Powerlifting in the Cybersecurity Skills Gap
If your SOC hasn’t been running smoothly in a while, there’s likely multiple reasons why. But that doesn’t mean there’s nothing you can do about it. An MDR provider could help you weather the talent gap.
3 min
InsightCloudSec
Can Cloud Security Be Easier Than Complex?
Cloud security is one dish in the larger holiday meal of a company’s entire budget. Fighting for scraps of funding is hard, so it’s important to identify exactly what you need.
2 min
AWS
Rapid7 Integration For AWS Verified Access
Today at re:invent, Amazon Web Services (AWS) unveiled its new AWS Verified Access service, and we are thrilled to announce that InsightIDR — Rapid7’s next-gen SIEM and XDR — will support log ingestion from this new service when it is made generally available.
2 min
AWS
InsightIDR Launches Integration With New AWS Security Data Lake Service
One of the most exciting announcements has to be the launch of Amazon Security Lake. We see a lot of potential for this new service, which is why Rapid7 is proud to announce the immediate availability of an integration between InsightIDR and Security Lake.
3 min
Cloud Infrastructure
Unifying Threat Findings to Elevate Your Runtime Cloud Security
Widespread growth in cloud adoption in recent years has given businesses across industries the ability to transform in new ways, often forcing them to choose between slowing the pace of their innovation or taking on massive amounts of unmanaged risk.
3 min
Cloud Security
Reducing Risk In The Cloud with Agentless Vulnerability Management
In order to gain visibility into vulnerabilities in their public cloud environments, many organizations still rely on agent or network-based scanning technology that was initially built for traditional infrastructure and endpoints.