5 min
SOAR
How to Accelerate Your SOAR Program to Full Speed in Less Than a Year
Here are some reflections and advice about setting up a SOAR program, through the lens of one practitioner's successful and innovative year.
2 min
Emergent Threat Response
CVE-2022-36804: Easily Exploitable Vulnerability in Atlassian Bitbucket Server and Data Center
On August 24, 2022, Atlassian published an advisory for Bitbucket Server and Data Center alerting users to CVE-2022-36804.
5 min
Metasploit
Metasploit Weekly Wrap-Up: Sep. 16, 2022
BYOS: Bring your own stager
We try hard to make sure we have a great choice of fully-functional payloads to choose from, but sometimes you might want to “branch” out on your own, and if that’s the case we’ve got you covered. In an attempt to make Metasploit play well with others, we’ve introduced a brand new payload type: “custom.” “Custom” payloads use Metasploit stagers to build a stager that will stage whatever shellcode you send it.
Got a third-party payload you want to run like Sliver or a
3 min
Vulnerability Management
The 2022 SANS Top New Attacks and Threats Report Is In, and It's Required Reading
The latest Top New Attacks and Threat Report from the cybersecurity experts at SANS is here — and the findings are critical for security teams.
7 min
Vulnerability Management
Patch Tuesday - September 2022
In this month's Patch Tuesday, we cover the 79 CVEs, including a zero-day privilege escalation, patched by Microsoft this month.
5 min
SOAR
Grey Time: The Hidden Cost of Incident Response
The time cost of incident response for security teams may be greater – and more complex – than we’ve been assuming.
8 min
Vulnerability Management
Getting the most out of your InsightVM console
Here are some of the most common improvements to help you get the most out of your InsightVM console in 2024.
3 min
Metasploit
Metasploit Weekly Wrap-Up: 9/9/22
Authenticated command injection vulnerability of Cisco ASA-X with FirePOWER Services:
jbaines-r7 added a new module that exploits an authenticated command injection vulnerability CVE-2022-20828 of Cisco ASA-X with FirePOWER Services. This vulnerability affects all Cisco ASA appliances that support ASA FirePOWER module. Note that, although a patch has been added to most recent ASA FirePOWER mod
4 min
Cloud Security
Integrating Cloud Security With DevOps and CI/CD Tools
In this post, we dive into a key aspect of our approach: integrating cloud security with developer and DevOps tooling.
7 min
Vulnerability Disclosure
Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)
Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare.
2 min
Events
VeloCON 2022: Digging Deeper Together!
Have you ever wanted to share your passion and interest in Velociraptor with the rest of the community? VeloCON is your chance!
3 min
Cloud Security
3 Ways to Improve Data Protection in the Cloud
Here are three cloud data protection best practices highlighted in a recent joint white paper from Rapid7, Mimecast, and Netskope.
3 min
Career Development
5 Things Rapid7 Looks for in a BDR, and How We Spot Them
Our Talent Acquisition Partner, Lauren Coloumbe, shares five things we look for in BDRs and how we spot them in the interview process.
6 min
Vulnerability Management
5 Steps for Dealing With Unknown Environments in InsightVM
In InsightVM, we can use a little bit of SQL, an overarching site with a ping sweep, and a nifty little tag to help get a handle on unknown environments.
4 min
Metasploit
Metasploit Weekly Wrap-Up: 9/2/22
ICPR Certificate Management
This week Metasploit has a new ICPR Certificate Management module from Oliver Lyak and our very own Spencer McIntyre, which can be utilized for issuing certificates via Active Directory Certificate Services. It has the capability to issue certificates which is useful in a few contexts including persistence, ESC1 and as a primitive necessary for exp