Rapid7 Blog

Attackers are Working Around The Clock. Luckily, So Are We.

November 30, 2023

It takes an average of 204 days for organizations to discover a breach, and from there an average of 73 days to contain it. With the average cost of a breach at an all time high of $4.45 million (IBM’s Cost of a Data Breach Report 2023), there’s an undeniable need for teams to enlist the right experts to quickly eradicate threats... Read Rapid7's Blog Here.

Rapid7 Takes Next Step in AI Innovation with New AI-Powered Threat Detections

November 29, 2023

Digital transformation has created immense opportunity to generate new revenue streams, better engage with customers and drive operational efficiency... Read Rapid7's Blog Here.

When Maximum Effort Doesn't Equate to Maximum Results

November 21, 2023

It’s no secret that security teams are feeling beleaguered as a result of the barrage of data, events, and alerts generated by their security tools, to say nothing of the increased budget scrutiny and constrained staff resources that continue to plague cybersecurity practitioners... Read Rapid7's Blog Here.

Manage Enterprise Risk at Scale with a Unified, Holistic Approach

Nov 16, 2023

The rapid pace of technological change and the attendant rise of cyber threats in both speed and number leave most organizations at a disadvantage... Read Rapid7's Blog Here.

Unlock Broader Detections and Forensics with Velociraptor in Rapid7 XDR

September 29, 2023

Nearly 70% of companies that are breached are likely to get breached again within twelve months (CPO). Effective remediation and addressing attacks at the root is key to staying ahead of threats and recurring breaches on the endpoint. Strong Digital Forensics and Incident Response (DFIR) ready to go when any incident occurs is a critical piece of a security team’s toolkit and drives successful response and remediation... Read Rapid7's Blog Here.

What’s New in InsightVM and Nexpose: Q3 2023 in Review

September 29, 2023

A lot of new and exciting product updates this quarter to help customers continue driving better security outcomes. We are thrilled to launch a new vulnerability risk scoring strategy this quarter along with upgrades like improved UI for the Engine Pool page, more policy coverage, and more. Let’s take a look at some of the key updates in InsightVM and Nexpose from Q3... Read Rapid7's Blog Here.

Rapid7 doubles down on a platform approach for Vulnerability Risk Management

September 20, 2023

This week, Rapid7 was named a Strong Performer in The Forrester Wave™: Vulnerability Risk Management, Q3 2023. The report, which included 11 vulnerability risk management vendors, represented Rapid7's inclusion in the Wave report for vulnerability management. We are proud to be recognized for our consolidated platform approach, speedy response to actively exploited emergency vulnerabilities, and a deep commitment to the cybersecurity community through open-source tools and community research... Read Rapid7's Blog Here.

Rapid7 Delivers Visibility Across All 19 Steps of Attack in 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise

September 20, 2023

Over seven years ago, we set out to change the way that SOCs approach threat detection and response. With the introduction of InsightIDR, we wanted to address the false positives and snowballing complexity that was burning out analysts, deteriorating security posture, and inhibiting necessary scale. We wanted to deliver a more intuitive and pragmatic approach, providing the most comprehensive coverage, with the strongest signal-to-noise... Read Rapid7's Blog Here

Three Security Vendor Consolidation Myths Debunked

August 23, 2023

When it comes to security vendor consolidation, Gartner found that 57% of organizations are working with fewer than ten security vendors, utilizing consolidation to cut costs and improve their overall security posture... Read Rapid7's Blog Here.

Ransomware-as-a-Service Cheat Sheet

August 22, 2023

Ransomware-as-a-Service, or RaaS, has taken the threat landscape by storm — so much so that in 2023, the White House re-classified ransomware as a national security threat. How has RaaS taken the impact of ransomware attacks to this next level of federal concern? By allowing potential cybercriminals to launch a ransomware attack regardless of their experience with programming or technical sophistication... Read Rapid7's Blog Here.

How To Present SecOps Metrics

August 01, 2023

SecOps metrics can be a gold mine of potential for informing better business decisions, but 78% of CEOs say they don’t have adequate data on risk exposure to make good decisions. Even when they do see the right data, 82% are inclined to “trust their gut” anyway... Read Rapid7's Blog Here.

Alerting Rules!: InsightIDR Raises the Bar for Visibility and Coverage

July 06, 2023

I've worked in cybersecurity for over two decades, so I've seen plenty of platforms come and go—some even crash and burn. But Rapid7, specifically InsightIDR, has consistently performed above expectations. In fact, InsightIDR has become an essential resource for maintaining my company’s cybersecurity posture... Read Rapid7's Blog Here.

Rapid7 Solutions for Partners

June 28, 2023

Central to our mission at Rapid7 is building long-term relationships with partners who deliver valuable security solutions to customers. As customers increasingly seek managed services to meet their security needs, we've eagerly expanded our partner ecosystem to support a rapidly growing body of Managed Security Service Provider (MSSP) partners... Read Rapid7's Blog Here.

Cyber Asset Attack Surface Management 101

June 21, 2023

It's essential for security and IT teams to have a comprehensive view and control of their cyber assets. This is why Cyber Asset Attack Surface Management (CAASM) has received so much attention from security practitioners and leaders... Read Rapid7's Blog Here.

Rapid7 Recognized as a Strong Performer in The Forrester Wave™ for MDR, Q2 2023

May 18, 2023

Rapid7 recognized as one of the top 13 vendors as a strong performer by the Forrester WaveTM for MDR, in Q2 2023... Read Rapid7's Blog Here.

Executive Webinar: Confronting Security Fears to Control Cyber Risk, Part Three

March 29, 2023

Part 3: Confronting Security Fears to Control Cyber Risk Webinar... Read Rapid7's Blog Here.

Three Steps for Ramping Up to Fully Automated Remediation

March 15, 2023

The number one threat to cloud security is misconfiguration of resources, and frankly, it's not hard to understand why. The cloud is getting bigger, more tangled, and flat-out more unmanageable by the day... Read Rapid7's Blog Here.

Rapid7 Threat Command Delivered 311% ROI: 2023 Forrester Consulting Total Economic Impact™ Study

March 15, 2023

Security teams must continuously contort their efforts to effectively respond to the growing volume of cyberthreats. These constantly shifting methods in the security operations center (SOC) can be difficult to manage in the face of emerging external threats—it can be like keeping multiple spinning plates in the air at once... Read Rapid7's Blog Here.

Cloud Security Strategies for Healthcare

March 14, 2023

The healthcare industry is undergoing a transformational shift. Health organizations are traditionally entrenched in an on-prem way of life, but the past three years have plunged them into a digital revolution. A heightened demand for improved healthcare services—like distributed care and telehealth—ignited a major push for health orgs to move to the cloud, and as a result, implement new cloud security strategies... Read Rapid7's Blog Here.

Executive Webinar: Confronting Security Fears to Control Cyber Risk, Part Two

March 14, 2023

In the session, Jason Hart, Rapid7’s Chief Technology Officer, EMEA, will discuss how organisations can develop the ability to adapt while being able to quickly revert to their original structure after times of great stress and impact... Read Rapid7's Blog Here.

What Tech Companies Should Look For in Cloud Security

March 08, 2023

The cloud's computing power and flexibility unlocks unprecedented speed and efficiency—a tech company's two best friends. But with that speed and efficiency comes new environments and touchpoints in an organization's footprint. That expanding attack surface brings along with it an expanding range of security concerns... Read Rapid7's Blog Here.

Executive Webinar: Confronting Security Fears to Control Cyber Risk

February 28, 2023

In the session, Jason Hart, Rapid7’s Chief Technology Officer, EMEA, shared his experiences to help executives enhance their cyber mission and vision statements to create a positive cybersecurity culture that permeates the business... Read Rapid7's Blog Here.

The Next Generation of Managed Detection and Response is Here

February 22, 2023

Security teams manage an average of 76 different tools. Breaches have gone from “s#&@!” to “inevitable.” That’s why we built Managed Threat Complete to address the reality of today’s threat environment. By 2025, Gartner says 50% of organizations will decide to partner with an MDR (Managed Detection and Response) service for 24x7 monitoring... Read Rapid7's Blog Here.

Rapid7 CEO Corey E. Thomas Appointed To National Security Telecommunications Advisory Committee

February 16, 2023

President Biden has announced his intent to appoint a group of highly qualified and diverse industry leaders, including Rapid7 chairman & CEO Corey E. Thomas, to the President’s National Security Telecommunications Advisory Committee (NSTAC)... Read Rapid7's Blog Here.

The High Cost of Human Error In OT Systems

January 26, 2023

Rapid7’s partner SCADAfence recently commissioned a survey of 3500 OT professionals. Among the findings, nearly 80% of respondents believe that human error presents the greatest risk for compromise to operational technology (OT) control systems... Read Rapid7's Blog Here.

Rapid7 Added to Carahsoft GSA Schedule Contract

January 24, 2023

We are happy to announce that Rapid7 has been added to Carahsoft’s GSA Schedule contract, making our suite of comprehensive security solutions widely available to Federal, State, and Local agencies through Carahsoft and its reseller partners. "With the ever-evolving threat landscape, it is important that the public sector has the resources to defend against sophisticated cyber attacks and vulnerabilities," said Alex Whitworth, Sales Director who leads the Rapid7 Team at Carahsoft... Read Rapid7's Blog Here.

Rapid7 Now Available Through Carahsoft’s NASPO ValuePoint

January 24, 2023

We are happy to announce that Rapid7’s solutions have been added to the NASPO ValuePoint Cloud Solutions contract held by Carahsoft Technology Corp. The addition of this contract enables Carahsoft and its reseller partners to provide Rapid7’s Insight platform to participating States, Local Governments, and Educational (SLED) institutions... Read Rapid7's Blog Here.

Aligning to AWS Foundational Security Best Practices With InsightCloudSec

November 22, 2022

When an organization is moving their IT infrastructure to the cloud or expanding with net-new investment, one of the hardest tasks for the security team is to identify and establish the proper security policies and controls to keep their cloud environments secure and the applications and sensitive data they host safe... Read Rapid7's Blog Here.

Emerging best practices for securing cloud-native environments

October 18, 2022

Globally, IT experts recognise security as the most significant barrier to cloud adoption, in part because many of the ways of securing traditional IT environments are not always applicable to cloud-native infrastructure. As a result, security teams may find themselves behind the curve and struggling to keep up with the ambitious digital transformation programs set by their senior leadership teams... Read Rapid7's Blog Here.

Real-Time Risk Mitigation in Google Cloud Platform

October 12, 2022

With Google Cloud Next happening this week, there’s been some recent water cooler talk - okay, informal, ad hoc Zoom calls - where discussions about what makes Google Cloud Platform (GCP) unique when it comes to security. A few specific differences have popped up here and there (default data encryption, the way IAM is handled, etc.), but, generally speaking, many of the principles that apply to all other cloud providers apply to GCP environments... Read Rapid7's Blog Here

Prioritizing XDR in 2023: Stronger Detection and Response With Less Complexity

September 21, 2022

Talk in the market continues to swirl around extended detection and response (XDR) solutions. What are they? What are the benefits? Should my team adopt XDR, and if yes, how do we evaluate vendors to determine the best approach?... Read Rapid7's Blog Here.

Rapid7 Named a Visionary in 2022 Magic Quadrant™ for Application Security Testing Second Year in a Row

April 21, 2022

For the second year in a row, Rapid7 has been named a Visionary in the Gartner® 2022 Magic Quadrant for Application Security Testing. We believe we accomplished this by combining an industry-leading dynamic application security testing (DAST) solution with container and cloud security, security across the software development life cycle (SDLC), strategic partnerships, and a customer-centric approach that anticipates the needs of not just security teams but DevOps teams as well. All in a package that is easy to utilize and highly accurate... Read Rapid7's Blog Here.

Spring4Shell: Zero-Day Vulnerability in Spring Framework (CVE-2022-22965)

March 30, 2022

Rapid7 has completed remediating the instances of Spring4Shell (CVE-2022-22965) and Spring Cloud (CVE-2022-22963) vulnerabilities that we found on our internet-facing services and systems. For further information and updates about our internal response to Spring4Shell, please see our post here... Read Rapid7's Blog Here.

The Digital Citizen’s Guide to Navigating Cyber Conflict

March 25, 2022

As security professionals, we are currently being bombarded with warnings and alerts of a heightened threat level due to the possibility that Russia will start to more aggressively leverage cyberattacks as part of their offensive. If you are feeling the pressure of getting everything done, check out this post that identifies the 8 most important emergency conflict actions for your security program... Read Rapid7's Blog Here.

Rapid7 Recognized as Top Ranked in Current Offering Category in Forrester Wave™ for Cloud Workload Security

March 23, 2022

The widespread growth in cloud adoption in recent years has given businesses across all industries the ability to transform and scale in ways never before possible. But the speed of those changes, combined with the increased volume and complexity of resources in cloud environments, often forces organizations to choose between slowing the pace of innovation or taking on massive amounts of unmanaged risk... Read Rapid7's Blog Here.

8 Tips for Securing Networks When Time Is Scarce

March 22, 2022

Recently, CISA released their Shields Up guidance around reducing the likelihood and impact of a cyber intrusion in response to increased risk around the Russia-Ukraine conflict. This week, the White House echoed those sentiments and released a statement about potential impact to Western companies from Russian threat actors. The White House guidance also included a fact sheet identifying urgent steps to take. Given the urgency of these warnings, many information security teams find themselves scrambling to prioritize mitigation actions and protect their networks...​​​ Read Rapid7's Blog Here.

The VM Lifecycle: How We Got Here, and Where We’re Going

March 16, 2022

The immutable truth that vulnerability management (VM) programs have long adhered to is that successful programs should follow a consistent lifecycle. This concept is simply a series of phases or steps that have a logical sequence and are repeated according to an organization’s VM program cadence... Read Rapid7's Blog Here.

Cybercriminals’ Recruiting Effort Highlights Need for Proper User Access Controls

March 15, 2022

The Lapsus$ ransomware gang’s modus operandi seems to be evolving. Following the recent data breaches of Nvidia and Samsung, on March 10, 2022, the Lapsus$ ransomware gang posted a message on their Telegram channel claiming that they were looking to recruit employees/insiders of companies in the telecommunications, software/gaming, call center/BPM, and server hosting industries... Read Rapid7's Blog Here.

New US Law to Require Cyber Incident Reports

March 10, 2022

The US Congress is poised to pass the Cyber Incident Reporting for Critical Infrastructure Act of 2022. Once signed by the President, it will become law. The law will require critical infrastructure owners and operators to report cyber incidents and ransomware payments. The legislation was developed in the wake of the SolarWinds supply chain attack and recently gained additional momentum from the Russia-Ukraine conflict. This post will walk through highlights from the law. Rapid7 supports efforts to increase transparency and information sharing in order to strengthen awareness of the cybersecurity threat landscape and prepare for cyberattacks. We applaud passage of the Cyber Incident Reporting for Critical Infrastructure Act... Read Rapid7's Blog Here.

For Health Insurance Companies, Web Apps Can Be an Open Wound

February 23, 2022

At IntSights, a Rapid7 company, our goal is to ensure organizations everywhere understand the threats facing them in today's cyber landscape. With this in mind, we took a focused look at the insurance industry — a highly targeted vertical due to the amount of valuable data these organizations hold. We've collected our findings in the “2022 Insurance Industry Cyber Threat Landscape Report," which you can read in full right now... Read Rapid7's Blog Here.

Update on Log4Shell’s Impact on Rapid7 Solutions and Systems

December 14, 2021

Like the rest of the security community, we have been internally responding to the critical remote code execution vulnerability in Apache’s Log4j Java... Read Rapid7's Blog Here.

Kubernetes Guardrails: Bringing DevOps and Security Together on Cloud

December 06, 2021

Cloud and container technologies are being increasingly embraced by organizations around the globe because of the efficiency, superior visibility, and control... Read Rapid7's Blog Here.

tCell by Rapid7 Supports the Newly Released .NET 6.0

November 10, 2021

Since the founding of tCell by Rapid7, our web application and API protection solution, we’ve prided ourselves on providing both breadth and depth of... Read Rapid7's Blog Here.

4 Simple Steps for an Effective Threat Intelligence Program

October 15, 2021

Threat intelligence is a critical part of an organization's cybersecurity strategy, but given how quickly the state of cybersecurity evolves, is the traditional mode... Read Rapid7's Blog Here.

Rapid7 Named a Leader, 2021 Gartner Magic Quadrant for SIEM

July 06, 2021

This is the second consecutive time our SaaS SIEM—InsightIDR—has been named a Leader in this report... Read Rapid7's Blog Here.

Attack vs. Data: What You Need to Know About Threat Hunting

March 25, 2021

While the definition of threat hunting may be straightforward—proactively hunting for threats—the reality of implementing a threat-hunting program is a bit more complicated, as there are different threat-hunting methodologies to choose from... Read Rapid7's Blog Here.

InsightIDR’s NTA Capabilities Expanded to AWS

March 10, 2021

We’re excited to announce we have expanded the Network Traffic Analysis (NTA) capabilities in InsightIDR to support Amazon Web Services (AWS) environments. This means InsightIDR and MDR customers can now ingest detailed network data from AWS, including north/south and east/west traffic across a customer’s Virtual Private Clouds (VPCs). This highly detailed traffic data allows a customer to understand user and application activity throughout an AWS environment... Read Rapid7's Blog Here.

How to Combat Alert Fatigue With Cloud-Based SIEM Tools

February 22, 2021

Today’s security teams are facing more complexity than ever before. IT environments are changing and expanding rapidly, resulting in proliferating data as organizations adopt more tools to stay on top of their sprawling environments. And with an abundance of tools comes an abundance of alerts, leading to the inevitable alert fatigue for security operations teams... Read Rapid7's Blog Here.

Take the Full-Stack Approach to Securing Your Modern Attack Surface

February 19, 2021

A modern methodology for vulnerability management (VM) is vital for organizations looking to minimize attack surfaces by prioritizing potential threats. This includes identifying, evaluating, treating, and reporting on security risks across key systems and the software that runs on them... Read Rapid7's Blog Here.

Set New InsightVM Goals and Share with Your Team for Increased Visibility and More Efficient Execution

December 22, 2020

Since 2018, thousands of enterprises have utilized InsightVM’s Goals and SLAs feature to build their organization-specific security goals22... Read Rapid7's Blog Here.

NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)

November 23, 2020

In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of the Microsoft SQL Server... Read Rapid7's Blog Here.

Visualizing Network Traffic Data to Drive Action

November 10, 2020

In this blog, we cover the top five multi-groupby queries that can be used to visualize network sensor data with the Insight Network Sensor... Read More.

The Story Behind Security Breaches

November 03, 2020

There are many potential causes of security breaches, but what is a common root cause? Human error... Read Rapid7's Blog Here.

Overview of Content Security Policies (CSPs) on the Web

November 02, 2020

A Content Security Policy is a protocol that allows a site owner to control what resources are loaded on a web page by the browser, and how those resources may be loaded... Read Rapid7's Blog Here.

National Cybersecurity Awareness Month: Security Pros Offer Top Tips for Staying Safe Online

October 30, 2020

For National Cybersecurity Awareness Month, we rounded up tips from our network of experts to help you easily shore up your approach to cybersecurity... Read Rapid7's Blog Here.

Scan Template Best Practices in InsightVM

October 26, 2020

This blog post will give you a ballpark best practice that applies to the majority of environments, as well as some descriptions that outline the thought process, math, and reasoning... Read Rapid7's Blog Here.

NICER Protocol Deep Dive: Internet Exposure of IMAP and POP

October 19, 2020

In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of IMAP and POP... Read Rapid7's Blog Here.

Introducing Enhanced Endpoint Telemetry (EET) in InsightIDR

October 15, 2020

Rapid7 is excited to announce Enhanced Endpoint Telemetry (EET) in our SIEM, InsightIDR... Read Rapid7's Blog Here.

2021 Detection and Response Planning, Part 2: Driving SOC Efficiency With a Detections-First Approach to SIEM

October 13, 2020

In this installment of our security planning series, we’ll explore the importance of reliable detections to drive an efficient security program forward... Read Rapid7's Blog Here.

PSA: Increase in RDP Attacks Means It's Time to Mind Your RDPs and Qs

October 09, 2020

Our research team looks into the increase in RDP attacks against RDP servers without multi-factor authentication enabled and helps organizations strengthen their infrastructure against these attacks... Read Rapid7's Blog Here.

How InsightVM Helps You Save Time and Prove Value

October 08, 2020

In this post, we’ll cover how InsightVM helps teams tackle operational challenges, maximize resources, and prove the value and ROI of their efforts... Read Rapid7's Blog Here.

Ransomware Payments and Sanctions - U.S. Treasury Advisory

October 06, 2020

The U.S. Department of Treasury issued an advisory warning that paying ransoms to cybercriminal groups risks violating sanctions. Rapid7 has previously recommended that victims not pay ransom, and urges organizations to focus on ransomware prevention and recovery... Read Rapid7's Blog Here.

Why Every Organization Needs a Vulnerability Management Policy

October 05, 2020

In this blog post, we will discuss why vulnerability management is critical for any organization looking to reduce risk... Read Rapid7's Blog Here.

Rapid7 Introduces “Active Response” for End-to-End Detection and Response

October 01, 2020

We are excited to announce the launch of our new Active Response capability as a part of our MDR Elite service... Read Rapid7's Blog Here.

Decentralize Remediation Efforts to Gain More Efficiency with InsightVM

September 17, 2020

Let’s talk about the reality of the remediation process today. We know it is often a cumbersome and time-consuming process, and it can be challenging for a Security team to work with IT Operations and Development teams, servicing many assets and owners. There isn’t a vulnerability management team on the planet that hasn’t been affected by productivity-draining reporting, emails, ticketing, and one-off vulnerability verification requests... Read Rapid7's Blog Here.

Vulnerability Remediation vs. Mitigation: What’s the Difference?

September 14, 2020

Vulnerability management programs look different depending on the available resources and specific risks your organization faces. While both identifying and evaluating possible threats are important steps, the most time-consuming step is actually treating the vulnerability. Read Rapid7's Blog Here.

How Three InsightVM Customers Scaled Their Vulnerability Management Programs with Rapid7

August 28, 2020

Managing the totality of vulnerabilities in your IT environment is a tall order. To run your vulnerability management program as a well-oiled machine, you need all the pieces in place, from visibility of all of your assets to effective reporting mechanisms that demonstrate value. But even with the best laid plans, taking full control of the wheel requires technology that supports the goals of your program... Read Rapid7's Blog Here.

How Rapid7 Customers Are Using Network Traffic Analysis in Detection and Response

June 18, 2020

Network Traffic Analysis is available within InsightIDR and MDR via the Insight Network Sensor. This is an installable package for Linux systems. We have more information about the install process on our sensor help site. The Insight Network Sensor is available to all customers, and we also have an add-on available for customers who want access to network flow type data... Read Rapid7's Blog Here.

The Importance of Network Visibility With a Remote Workforce

March 19, 2020

We are now living in challenging times due to the COVID-19 outbreak as we work from home, self-isolate, and protect the vulnerable. I must say a big thanks to my employer, Rapid7, for having a robust system that enables working from home. Our IT teams have worked around the clock to expand services for remote workers so that we can continue to deliver value for our customers. Well done, all!... Read Rapid7's Blog Here.

How to WFH and Keep Your Digital Self Safe

March 16, 2020

We have rapidly entered a new era of living with a global pandemic. As a result, many are working from home - at kitchen tables, sitting on the sofa, or typing at a desk next to the bed. With very little notice, our work and personal lives have changed, and we don’t know how long this will last. Without any talk of FUD (fear, uncertainty, doubt), it got me thinking about how we can stay safe online in this new world." Read Rapid7's Blog Here.

3 Common Threats to Look for in Your Network Data

March 12, 2020

Continuously monitoring your network activity for signs of attack is a great way to catch hackers and breaches before they become problems. However, network traffic data can be overwhelming based on the sheer amount generated, not to mention its confusing complexity. Wading through the noise is a top priority for security professionals so they can detect threats early and react swiftly... Read Rapid7's Blog Here.

Rapid7 2020 Threat Report: Exposing Common Attacker Trends

March 03, 2020

Organizations continue to host vulnerable, internet-exposed systems that are being targeted by attackers. Simultaneously, attackers are targeting valid user accounts as their preferred method for breaching an environment... Read Rapid7's Blog Here.

How We Used Data Science Magic to Predict Key RSA 2020 Themes and Takeaways

March 02, 2020

There’s nothing quite like attending the annual RSA security conference in San Francisco, but amid the noise of more than 40,000 attendees, hundreds of vendors, and a whirlwind of information, it can be tough to pull out key messages to take back to our desks... Read Rapid7's Blog Here.

How to Improve Vulnerability Patching Efficiency through Automation

February 28, 2020

The 2019 Forrester Total Economic Impact™ of Rapid7 InsightVM found that our customers saw a 60% reduction in effort for patching, thanks to automation and improved workflows, especially through integrations with popular patching software. But just how can automation improve your security team’s patching efficiency?... Read Rapid7's Blog Here..

Rapid7 Named 2019 Global SOAR Company of the Year by Frost & Sullivan

February 21, 2020

Global IT staffing shortages are on the rise, and the number of security threats continues to grow, along with the number of tools security professionals use to address these threats. Because of this, security teams oftentimes feel overwhelmed by the sheer amount of alerts they receive on a daily basis... Read Rapid7's Blog Here.

Rapid7 Named a Leader in Gartner Magic Quadrant for Security Information and Event Management (SIEM)

February 20, 2020

Gartner’s Magic Quadrant reports offer a framework for evaluating technology vendors in a given space. In the case of the Magic Quadrant for SIEM, technology providers were measured on two axis: completeness of vision and ability to execute... Read Rapid7's Blog Here

How to Identify, Prioritize and Remediate Vulnerabilities in the Cloud

February 05, 2020

If you use a cloud provider like AWS, you know there are some security features you can access for free, such as AWS Security Hub, AWS Identity & Access Management, and AWS Firewall Manager. Unfortunately, as we covered in part one of this series, that’s not enough coverage for what many organizations need in today’s cloud environments, especially considering the fact that cloud providers can only protect the core infrastructure... Read Rapid7's Blog Here.