
Overview

Rapid7 (NASDAQ:RPD) powers the practice of SecOps by delivering shared visibility, analytics, and automation so that security, IT, and Development teams can work together more effectively. The Rapid7 Insight platform empowers these teams to jointly manage and reduce risk, detect and contain attackers, and analyze and optimize operations. Rapid7 technology, services, and research drive vulnerability management, application security, incident detection and response (SIEM), orchestration and automation, and log management for more than 7,200 organizations across more than 120 countries, including 54% of the Fortune 100. To learn more about Rapid7 or join our threat research, visit www.rapid7.com.

Products

Blog


Decentralize Remediation Efforts to Gain More Efficiency with InsightVM

Let’s talk about the reality of the remediation process today. We know it is often a cumbersome and time-consuming process, and it can be challenging for a Security team to work with IT Operations and Development teams, servicing many assets and owners. There isn’t a vulnerability management team on the planet that hasn’t been affected by productivity-draining reporting, emails, ticketing, and one-off vulnerability verification requests. Click Here to Read More...

 


Rapid7 and Snyk Are on the Run(time) with Expanded SCA Capabilities

Earlier this year, Rapid7 and Snyk partnered together with the goal of securing cloud-native apps across the software development lifecycle (SDLC). As modern development teams continue to adopt new technology that helps them accelerate their efforts, security teams are tasked with making sure they can advance their security strategies in similar ways. This is why the Rapid7 and Snyk partnership is so powerful. It allows security teams to embed security from the farthest “left” of the SDLC to the farthest “right” of the SDLC with a holistic approach to testing and monitoring across the application layer. Click Here to Read More...

 


CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know

Samba domain controllers before 4.8 have been confirmed to be vulnerable to CVE-2020-1472. There are now multiple public PoC exploits available, most if not all of which are modifications to Secura’s original PoC built on Impacket. There are reports of the vulnerability's being actively exploited in the wild, including to spread ransomware. The maintainer of popular post-exploitation tool Mimikatz has also announced a new release of the tool that integrates Zerologon detection and exploitation support. Several threads on exploitation traces and community detection rules have also garnered attention from researchers and security engineers. Click Here to Read More...

 


Vulnerability Remediation vs. Mitigation: What’s the Difference?

Vulnerability management programs look different depending on the available resources and specific risks your organization faces. While both identifying and evaluating possible threats are important steps, the most time-consuming step is actually treating the vulnerability. Click Here to Read More...

 


How to Track and Remediate Default Account Vulnerabilities in InsightVM

In this blog post, we are going to talk about a couple of older, lesser-known features that can still provide amazing value in your vulnerability management program using InsightVM. The first thing we will be covering is vulnerability categories, where to find the categories, and how we can leverage them as asset filters with Dynamic Asset Groups (DAGs). These categories will allow us to create one of my favorite workflows to set up and run on new installations to both track and remediate Default Account vulnerabilities. We will also see how we can use this workflow as a template for additional similar workflows with different vulnerability categories. Click Here to Read More...

 


How Rapid7 Is Transforming an On-Premises SOAR Tool into a Cloud-First Automation Platform

Migrating to the cloud is hard. Years, and sometimes decades, of tooling, configuration, and procedures to build and maintain systems on-premises need to be replaced, redesigned, or scrapped altogether and rebuilt from the ground up. Despite the challenges, the complexity, and the work involved, every single organization I talk to, across every vertical, has already invested in the cloud, and every single one of them only sees that investment increasing. Why is that? Click Here to Read More...

 


Patch Tuesday - September 2020

Despite maintaining the continued high volume of vulnerabilities disclosed and patched this month, Microsoft's 129-Vulnerability September 2020 Update Tuesday is seemingly calm from an operations perspective -- at first glance. Click Here to Read More...

 


How Three InsightVM Customers Scaled Their Vulnerability Management Programs with Rapid7

Managing the totality of vulnerabilities in your IT environment is a tall order. To run your vulnerability management program as a well-oiled machine, you need all the pieces in place, from visibility of all of your assets to effective reporting mechanisms that demonstrate value. But even with the best laid plans, taking full control of the wheel requires technology that supports the goals of your program. Click Here to Read More...

 


This One Time on a Pen Test: Playing Social Security Slots

Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. Click Here to Read More...

 


Internet of Things Cybersecurity Regulation and Rapid7

Over the past few years, the security of the Internet of Things (IoT) has been a consistent focus in policy circles around the world. It’s easy to understand why: The Internet of Things is where the lines between physical and virtual blur and the potential for cyber-attack could result not only in compromising the confidentiality, integrity, or availability of data, but also potentially in causing physical harm. On top of that, the incredibly rapid adoption of Internet of Things technologies means an explosion in potential attack surface. Click Here to Read More...

 


InsightIDR Demo: Cloud-Native SIEM vs. Modern Security Challenges

As much as the phrase “a crowded theatre” calls to mind images from bygone days, we’re old enough to remember the thrill of a good premiere. The star takes the screen (or stage, if live theatre’s your thing), and a hush falls over the crowd. Forget the makeup and special effects—it’s time to kick back and enjoy the magic of storytelling. Click Here to Read More...

 


Automated External Sonar Scanning Workflow with InsightVM

Have you ever come into the office on a Monday and were completely surprised by your boss asking about some new public facing zero-day that was released over the weekend? How would they react if you had no idea what they were talking about? How would they react if you both knew about the new vulnerabilities, which assets were affected and already started the remediation process? In this blog post, we are going to discuss an external scanning strategy that you will want to implement with your InsightVM deployment to help with this very question. Click Here to Read More...

 


Preparing for the Cybersecurity Maturity Model Certification (CMMC) Part 1: Practice and Process

All of us here at Rapid7 hope that you and your families are safe and well during this unprecedented national crisis. Despite the fact that COVID-19 has many of us focused on other priorities, the expectation at the time of publication of this blog is that the Cybersecurity Maturity Model Certification (CMMC) is proceeding along original timelines. The certification is presently expected to be phased into new DoD contracts starting in Q3 2020. As such, it is important that all affected organizations continue to prepare for the requirements. Click Here to Read More...

 


How the MassCyberCenter Helps Elevate Cybersecurity Initiatives in Municipalities

On this week’s episode of Security Nation, we had the pleasure of speaking with Stephanie Helm, director of the Massachusetts Cyber Center. In this interview, we discuss how she went from working in the Navy to becoming the director of this new initiative in Massachusetts and how her team is helping municipalities develop incident response plans and getting buy-in and budget for security amidst other priorities. Click Here to Read More...

 


The Healthcare Security Pro's Guide to Ransomware Attacks

Healthcare professionals are performing heroics on a daily basis, working to the point of exhaustion and putting themselves in harm’s way as they try to save as many patients as possible. We applaud them every day in communities around the world with displays of our respect and gratitude. Click Here to Read More...

 


Rapid7’s Full Stack Vulnerability Risk Management Portfolio Recognized for Application Security Capabilities

Many businesses rely on web applications for their success. Because of this, web applications are also perfect targets for attackers. This is why web apps and software vulnerabilities have become the top two ways external attackers are able to gain access to company networks. For these reasons and more, having a complete application security solution that spans infrastructure, compute instances, containers, and the web application itself is vital for organizations. Click Here to Read More...

 


5 Challenges Outsourced Detection and Response Operations Can Help Solve

From the comfort of the Gloucester Shed—my “home office” that’s now gaining notoriety internally at Rapid7—I recently watched three colleagues speak in a webinar about the ways the world is changing around us and the relationships we have to nurture as a business community in order to navigate the inconstant world we find ourselves in. We are in strange times, indeed. Click Here to Read More...

 


Reduce Risk with CyberArk and Rapid7 Integrations

It’s well known in the world of cybersecurity that you can’t secure what you don’t know exists. With today’s evolving threat landscape, it’s never been more of a challenge or a necessity to be able to discover and manage all of the accounts and credentials used by administrators and applications to access critical applications, systems, and data. Click Here to Read More...

 


Optimizing Security in the Work-From-Home Era

In Part 1 of the CMMC series, we introduced the Cybersecurity Maturity Model Certification (CMMC) and the concept of Practices and Processes within. Let’s take a deeper dive into some of these concepts to gain a better understanding of how the framework is designed. Click Here to Read More...

 


Preparing for the Cybersecurity Maturity Model Certification (CMMC), Part 2: The Larger Picture

In Part 1 of the CMMC series, we introduced the Cybersecurity Maturity Model Certification (CMMC) and the concept of Practices and Processes within. Let’s take a deeper dive into some of these concepts to gain a better understanding of how the framework is designed. Click Here to Read More...

 


Integrity Is Indispensable: Assessing Partnerships and Performance Metrics in a Crisis Response

On our third installment of Rapid7’s Remote Work Readiness Series, join us as we reflect on how to leverage partnerships to build trust and mitigate risk. From helping users customize their existing controls to improving vendor relationships, our service and security experts discuss what we can anticipate as COVID-19 continues to shape our security environment. Click Here to Read More...

 


4 Common Goals For Vulnerability Risk Management Programs

At Rapid7, we have made it our top priority to uncover unmet customer needs and create value in new product development that addresses these needs. This post will give you a glimpse into the research that was conducted to pinpoint under-served and unmet customer needs in the vulnerability risk management space. Click Here to Read More...

 


Analyze Security Data Faster with Visual Search in InsightIDR

Data analysis is more than just collecting data and making it available (and that’s not analysis at all, actually, despite what some traditional SIEMs might claim). Analysis transforms data into something useful. It gives us insights, correlations, and trends that we can use to take action or change behavior. Analysis is powerful, but when analysis is married with data visualization, it becomes a story. Click Here to Read More...

 


SOC Automation: Accelerate Threat Detection and Response with SIEM and SOAR

At Rapid7, we have the opportunity to talk to security professionals from all types of organizations. Whether we’re conversing with our largest customers or a Security Operations Center (SOC) team of one, there are a few challenges we hear about again and again. We believe that the best solution to industry-wide struggles with threat detection and response is to increase efficiency using SIEM and SOAR together. Click Here to Read More...

 


3 Common Threats to Look for in Your Network Data

Continuously monitoring your network activity for signs of attack is a great way to catch hackers and breaches before they become problems. However, network traffic data can be overwhelming based on the sheer amount generated, not to mention its confusing complexity. Wading through the noise is a top priority for security professionals so they can detect threats early and react swiftly. Click Here to Read More...

 


Proactive Security Is the New Black: Lessons from the Trenches of Building a Security Product

On this week’s episode of Security Nation, we had the pleasure of speaking with Alex Kreilein, CISO for RapidDeploy, a back-end SaaS service for 911 and emergency communication systems. Prior to this, Alex ran a small investment fund for cybersecurity startups. He also had his own company called SecureSet, which was the country’s first cybersecurity boot camp. Click Here to Read More...

 


The Importance of Network Visibility With a Remote Workforce

We are now living in challenging times due to the COVID-19 outbreak as we work from home, self-isolate, and protect the vulnerable. I must say a big thanks to my employer, Rapid7, for having a robust system that enables working from home. Our IT teams have worked around the clock to expand services for remote workers so that we can continue to deliver value for our customers. Well done, all! Click Here to Read More...

 


How to WFH and Keep Your Digital Self Safe

We have rapidly entered a new era of living with a global pandemic. As a result, many are working from home - at kitchen tables, sitting on the sofa, or typing at a desk next to the bed. With very little notice, our work and personal lives have changed, and we don’t know how long this will last. Without any talk of FUD (fear, uncertainty, doubt), it got me thinking about how we can stay safe online in this new world. Click Here to Read More...

 


Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)

Microsoft released security updates to address a vulnerability in Microsoft Exchange that would allow an attacker to turn any stolen Exchange user account into a complete system compromise. In many implementations, this could be used to completely compromise the entire Exchange environment (including all email) and potentially all of Active Directory. Click Here to Read More...

 


Shifting Security Conferences to Virtual: The New Face of Events in 2020 and Beyond

On this week’s episode of Security Nation, we had the pleasure of speaking with John Strand, CEO of BlackHills Information Security, a company that specializes in penetration testing, red teaming, and threat hunting. In this interview, we discuss how his team works remotely, how they created a virtual event in just three days amid the COVID-19 pandemic and now teach others to do the same, and his predictions on the future of events. Click Here to Read More...

 


How to Measurably Reduce False Positive Vulnerabilities by Up To 22%

If you’ve been in the security industry for any amount of time, you’re no stranger to false positives. They show up in nearly every security monitoring tool and can waste an incredible amount of time and resources that your team should be spending on issues that actually matter. The good news is, there is a way to measurably reduce them so you can reallocate your team’s time from investigative to proactive work. Here’s how. Click Here to Read More...

 


Rapid7 2020 Threat Report: Exposing Common Attacker Trends

Organizations continue to host vulnerable, internet-exposed systems that are being targeted by attackers. Simultaneously, attackers are targeting valid user accounts as their preferred method for breaching an environment. Click Here to Read More...

 


How We Used Data Science Magic to Predict Key RSA 2020 Themes and Takeaways

There’s nothing quite like attending the annual RSA security conference in San Francisco, but amid the noise of more than 40,000 attendees, hundreds of vendors, and a whirlwind of information, it can be tough to pull out key messages to take back to our desks. Click Here to Read More...

 


How to Improve Vulnerability Patching Efficiency through Automation

The 2019 Forrester Total Economic Impact™ of Rapid7 InsightVM found that our customers saw a 60% reduction in effort for patching, thanks to automation and improved workflows, especially through integrations with popular patching software. But just how can automation improve your security team’s patching efficiency? Click Here to Read More...

 


Rapid7 Named 2019 Global SOAR Company of the Year by Frost & Sullivan

Global IT staffing shortages are on the rise, and the number of security threats continues to grow, along with the number of tools security professionals use to address these threats. Because of this, security teams oftentimes feel overwhelmed by the sheer amount of alerts they receive on a daily basis. Click Here to Read More...

 


Rapid7 Named a Leader in 2020 Gartner Magic Quadrant for Security Information and Event Management

Gartner’s Magic Quadrant reports offer a framework for evaluating technology vendors in a given space. In the case of the Magic Quadrant for SIEM, technology providers were measured on two axes: completeness of vision and ability to execute. Click Here to Read More...

 


Hackers On The Hill - Slides and recap on cybersecurity policy

In advance of ShmooCon, Rapid7 co-organized the Hackers On The Hill event with the omnipresent Beau Woods of I Am The Cavalry. The event aims to help give security pros an opportunity to learn about engaging in public policy relating to cybersecurity. Click Here to Read More...

 


How to Identify, Prioritize and Remediate Vulnerabilities in the Cloud

If you use a cloud provider like AWS, you know there are some security features you can access for free, such as AWS Security Hub, AWS Identity & Access Management, and AWS Firewall Manager. Unfortunately, as we covered in part one of this series, that’s not enough coverage for what many organizations need in today’s cloud environments, especially considering the fact that cloud providers can only protect the core infrastructure. Click Here to Read More...

 


Moving Toward a Better Signature Metric in SOCs: Detection Efficacy

Much more critical work must be done to curb the COVID-19 global pandemic and save lives, and thus it feels a bit silly to even discuss sports—or for that matter, sports metrics. However, while we stay home managing our new routines, and doing what we can to care for our families, friends, and neighbors, perhaps it may also be helpful to let our minds wander, and take this time to explore new ways of thinking. Hopefully this blog helps to provide some useful distraction. Click Here to Read More...

 


Supporting Our Medical Professionals in the Age of COVID-19: Cybersecurity in the Healthcare Sector

Now more than ever, healthcare workers need and deserve top-notch technical support. But between skyrocketing demand for telepractitioners and rising incidence of cybersecurity attacks, IT managers want to know how best to maintain their security posture. To help answer this, Rapid7 consulted tech leaders versed in the healthcare space for advice on adapting cybersecurity to the demand presented by COVID-19. Click Here to Read More...

 


The Security Practitioner's Intro to the Cloud: Everything You Ever Wanted to Know But Were Afraid to Ask

Long after I had started living on my own, my understanding of mortgages was pretty shaky at best. I only kind of knew what a mortgage was, but because everyone else around me seemed to have totally grasped the concept, I didn’t want to ask questions and come off as stupid. In the many conversations I’ve had with security professionals, I’ve found the same to be true of the cloud. There’s still a gap in understanding, even at a very basic level, but most don’t know where to turn and are certainly not asking their peers for fear of feeling behind or uninformed. In this blog post, I'm going to provide an introductory primer on the cloud and cloud security to help fill in whatever blanks you might have. Click Here to Read More...

 


How Rapid7 Customers Are Using Network Traffic Analysis in Detection and Response

Network Traffic Analysis is available within InsightIDR and MDR via the Insight Network Sensor. This is an installable package for Linux systems. We have more information about the install process on our sensor help site. The Insight Network Sensor is available to all customers, and we also have an add-on available for customers who want access to network flow type data. Click Here to Read More...

 


Back to Basics: Maintaining Cloud Migration Oversight While Navigating the New Normal

On the fifth and final installment of our Remote Work Readiness Series, Rapid7 taps industry insiders for what the future of security leadership might look like as we enter the next phase. From successful cloud journeys to the benefits of user- and service-based security controls, get their take on everything risk management as we find a new normal. Click Here to Read More...

 


CVE-2020-2021 Authentication Bypass in PAN-OS Security Assertion Markup Language (SAML) Authentication Disclosed

Rapid7 recommends patching your PAN-OS devices regardless of whether organizations are exposing this specific configuration, but sites that do have their PAN-OS devices configured this way should patch immediately. Click Here to Read More...

 


12 Most Exploited Vulnerabilities: How to Navigate Vulnerabilities in a Security Program

In a recent alert published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the organization laid out the 12 most exploited vulnerabilities since 2016. Navigating these most commonly exploited vulnerabilities can be a hassle if you don’t have a true patching and/or vulnerability management program, and buy-in and partnership from all relevant business areas. Before you tackle these vulns, make sure you’ve taken these steps first. Click Here to Read More...

 


Top 5 Ways to Get a Network Traffic Source on Your Network

If you want to monitor network traffic on your network, you will need a source of network packets. Thankfully, there are many options available, and this post covers the 5 best ways to get a network traffic source. Click Here to Read More...

 


How to Operationalize Threat Response from Chat Using InsightConnect

Today, more and more security teams are relying on chat and collaboration tools like Slack and Microsoft Teams to communicate quickly and effectively as they work to keep their organizations secure. Click Here to Read More...

 


Defense in Depth Using Deception Technology in InsightIDR

Welcome to the land of confusion and misdirection! Today, we are diving into the four pieces of deception technology that Rapid7 offers through our incident detection and response tool, InsightIDR. These include honeypots, honey users, honey files, and honey credentials. Click Here to Read More...

 


Cloud Best Practices Every Security Professional Should Know

In part one of this two-part series on the cloud and cloud security for security professionals, we dove into everything you’ve ever wanted to know about the cloud (but were afraid to ask). Now that you have a better understanding of what the cloud actually is and how it works, let’s dive into how to secure cloud infrastructure. Namely, we’re going to talk about the top security controls that should be used to help ensure your environment is set up securely. Click Here to Read More...

 


Data Ingestion and Data Digestion: What SIEM Log Consumption Tells Us About Modern Attack Patterns

One of the crucial pain points for today’s security teams is the difficulty in keeping up with the demand to continually invest (and re-invest) in technology that adequately responds to new and evolving threats. More than likely, your tech environment includes pieces that didn’t even exist when traditional SIEMs were first introduced. Click Here to Read More...

 


Stop Attackers in Their Tracks with Insight Agent Quarantine

Rapid7’s Insight Agent is lightweight software you can easily install on any asset—in the cloud or on-premises—to collect data from across your security and IT environment. This agent is used across InsightVM, InsightIDR, InsightOps, and related managed services to give teams real-time visibility into diverse endpoints and to detect the risks that may exist on those endpoints. Click Here to Read More...

 

Contracts

Federal

ITES-SW

W52P1J-15-D-0008
Mar 03, 2015 - Aug 10, 2020
*Additional Option Years Available

State and Local

National Cooperative Purchasing Alliance (NCPA)

NCPA 01-86
Apr 11, 2016 - Nov 30, 2021

Education

The Quilt

MSA - 05012019F
Apr 01, 2016 - Apr 30, 2022

Events

Resources

E-Book

Actions you can take to lower the risk and impact of this kind of attack in the public sector.

Actions you can take to lower the risk and impact of this kind of attack in the education industry.

Detecting active compromise inside IT environments as part of an incident detection and response program is critical. Rapid7 experts have identified the seven best practices for an effective cybersecurity program by applying defense to detection and response. Download the guide to access the bes...

Guide

Used by leading cloud adopters like Discovery, 3M, Twilio, Kroger, Fannie Mae, Spotify, and Autodesk, DivvyCloud by Rapid7 is an automated platform that identifies, analyzes and remediates cloud vulnerabilities using customer-defined rules and actions. DivvyCloud by Rapid7 is designed to enable orga...

Product Brief

Protecting your business from vulnerability and compromise. Optimizing your operations for success. Your daily responsibilities don’t have to be so daunting: The solution is SecOps, an organizational practice that breaks down the silos between Security, IT, and Development. Learn more about ho...

Resources

Today’s security and IT teams are understaffed and overloaded with tools, techniques, languages, processes… the list goes on. And with the talent shortage growing by the day, it can feel like keeping up is nothing but a pipe dream. But have no fear, security orchestration and automation (SOA...

Launched in 2017, “Under the Hoodie” aims to demystify the practice of penetration testing by surveying those in the field on what they see during client engagements—all to determine countermeasures you can take to best detect and prevent the truly sinister folks from breaching your network. W...

Solutions Brief

Government agencies are increasingly becoming targets for cyberattacks and espionage. As custodians of public data, you have a mission to protect confidentiality above all other security concerns. That requires continuous monitoring, analysis, and remediation. Meanwhile, the public sector faces a hi...

In this solution guide, we highlight how Rapid7 is helping our customers evolve their vulnerability management programs to meet today’s challenges. We focus on four areas: Enhancing network vulnerability assessment, addressing web application vulnerabilities, protecting employees and mitigatin...

Whitepaper

Any organization that is transitioning to public cloud and using one or more cloud service providers, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), should immediately consider shifting toward a new model of security focused on continuous control and enforcement...