4 min
Detection and Response
Attack vs. Data: What You Need to Know About Threat Hunting
While the definition of threat hunting may be straightforward—proactively hunting for threats—the reality of implementing a threat-hunting program is a bit more complicated, as there are different threat-hunting methodologies to choose from.
4 min
Managed Detection and Response (MDR)
Rapid7 Recognized as a Strong Performer in the Inaugural Forrester Wave™ for MDR, Q1 2021
Rapid7 has been included among the top vendors in the inaugural Forrester Wave™: Managed Detection and Response, Q1 2021 and recognized as a Strong Performer.
3 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 1: Deep Observation of Real-Time Endpoint Data
Assessing Managed Detection and Response (MDR) vendors is no easy task. However, evaluating each based on predetermined tactical prescriptions for what a provider can offer your business can help ensure you are hiring the right fit for you and your team.
18 min
Zero-Day
Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange
In recent weeks, there has been quite a lot of reporting on the exploitation of the latest disclosed vulnerabilities in Microsoft’s Exchange Server by an attacker referred to as HAFNIUM.
6 min
SOAR
SOC Automation with InsightIDR and InsightConnect
It may not be a surprise that automating your security operations will augment your team’s skills and expertise to detect and respond to threats with super speed.
4 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: Mar. 19, 2021
A local exploit for a Windows Server 2012 DLL hijacking vulnerability, plus a slew of fixes and improvements.
5 min
News
F5 Discloses Eight Vulnerabilities—Including Four Critical Ones—in BIG-IP Systems
On March 10, 2021, F5 disclosed eight vulnerabilities, four of which are deemed "critical."
2 min
Application Security
Rapid7 Announces Release of New tCell Amazon CloudFront Agent
We are excited to announce tCell’s CloudFront agent, which leverages Lambda@Edge to help push security closer to the “edge” without requiring any code changes to your applications.
2 min
Metasploit
Metasploit Wrap-Up: 3/12/21
Three new modules for achieving code execution, a new way to play favorites, and more! Plus a Google Summer of Code announcement!
2 min
Research
Introducing the 2020 Vulnerability Intelligence Report: 50 CVEs that Made Headlines in 2020
Our 2020 Vulnerability Intelligence Report examines 50 vulnerabilities from 2020 to highlight exploitation patterns, explore attacker use cases, and offer a practical framework for understanding new threats.
1 min
Detection and Response
InsightIDR’s NTA Capabilities Expanded to AWS
We’re excited to announce we have expanded the Network Traffic Analysis (NTA) capabilities in InsightIDR to support Amazon Web Services (AWS) environments.
9 min
Vulnerability Management
Patch Tuesday - March 2021
Another Patch Tuesday (2021-Mar
) is upon us and
with this month comes a whopping 122 CVEs. As usual Windows tops the list of
the most patched product. However, this month it’s browser vulnerabilities
taking the second place, outnumbering Office vulnerabilities 3:1! Lastly, the
Exchange Server vulnerabilities this month are not to be ignored as more than
half of them have been seen exploited in the wild.
Vulnerability Breakdown by S
3 min
Cloud Security
How to Keep Up With Vulnerability Management Challenges in Ephemeral Cloud Environments
The modern perspective is that the cloud has made it much easier to have visibility of your attack surface and everything you’re working with.
3 min
Metasploit
Metasploit Wrap-Up: 3/5/21
A new exploit for FortiOS and some module target updates.
4 min
Emergent Threat Response
Mass Exploitation of Exchange Server Zero-Day CVEs: What You Need to Know
On March 2, Microsoft released details on an active state-sponsored threat campaign exploiting four zero-day vulnerabilities in on-premises instances of Microsoft Exchange Server.