Rapid7 Blog

Exploring an Untethered, Unified Approach to CTEM

May 7, 2025

"We live in a world where traditional Vulnerability Management (VM) has become infosec’s version of ‘whack-a-mole’— an attempt to tackle risks that constantly shift, multiply, and morph. As organizations push workloads to the cloud, offer customers..." Read the blog here.

Why is Ransomware Still a Thing in 2025?

May 1, 2025

"When was the last time you had a serious conversation about cybersecurity that didn’t touch on ransomware? We all know that it’s one of the most persistent and damaging threats out there. Yet,..." Read the blog here.

AI and Resilience Take the Spotlight in 2025: Key Trends from Gartner® Cybersecurity Research

May 1, 2025

"Cybersecurity has never stood still — but in 2025, it’s not just evolving. It’s transforming. Cybersecurity has entered a pivotal new phase. According to Gartner®, Top Trends..." Read the blog here.

Reinforcing resilience with financial assurance: Breach protection matters now more than ever

April 29, 2025

"Life’s old adage often applies in security: Hope for the best, prepare for the worst. In today’s threat landscape, even the best-prepared organizations can’t guarantee immunity from cyberattacks. The cost of a breach is no longer just a line item—it’s a..." Read the blog here.

InsightIDR AI Alert Triage Automatically Classifies Alerts with 99.93% Accuracy

April 29, 2025

"One universal truth in Security Operations Centers (SOCs) is that analysts are overwhelmed by the high volume of alerts they receive. In a recent survey, SOC teams reported they are inundated with an average of 4,484 alerts daily, with a..." Read the blog here.

Deepening the MDR partnership: Rapid7 now delivers Active Remediation with Velociraptor

April 29, 2025

"Partnership means many things to us here at Rapid7. It means showing up with trusted expertise, providing clear guidance in moments of uncertainty, and helping security teams stay ahead of ever-evolving threats. Most of all, we see partnership..." Read the blog here.

Driving down MTTR with Remediation Hub, Available in Rapid7 Exposure Command

April 29, 2025

"Technology innovation combined with the highly fragmented nature of today's IT landscape means that vulnerabilities are being exploited faster and at greater scale than ever. Security teams contend with a daily surge of new threat actors and attack..." Read the blog here.

From Exposure to Assurance: Unified Remediation Across the Security Lifecycle

April 29, 2025

"When it comes to defending your organization, every second counts. The time to detect, respond, and remediate is critical, but speed alone isn't enough. Fragmentation across security tools, siloed teams, and manual workflows leaves..." Read the blog here.

Introducing Rapid7’s Exposure Assessment Platform Buyer’s Guide

April 28, 2025

"Cybersecurity threats are evolving at an unprecedented pace, making it imperative for organizations to stay ahead of attackers with proactive security measures. To help organizations navigate this rapidly changing threat landscape, we are excited to..." Read the blog here.

THE NEW Rapid7 MDR for Enterprise: Tailored Detection and Response for Complex Environments

April 24, 2025

"Complex ecosystems. Custom applications. Specialized log sources. Distributed operations. Enterprise security leaders aren’t just defending against threats—they’re navigating a fragmented environment where visibility, coverage, and coordination..." Read the blog here.

Password Spray Attacks Taking Advantage of Lax MFA

April 10, 2025

"In the first quarter of 2025, Rapid7’s Managed Threat Hunting team observed a significant volume of brute-force password attempts leveraging FastHTTP, a high-performance HTTP server and client library for Go, to automate unauthorized logins..." Read the blog here.

2025 Ransomware: Business as Usual, Business is Booming

April 8, 2025

"Getting an edge on your adversaries involves understanding their behaviors and their mindset. Rapid7 Labs took a look at internal and publicly-available ransomware data for Q1 2025 and added our own insights to provide a picture of the year thus..." Read the blog here.

Pentales: Red Team vs. N-Day (and How We Won)

April 4, 2025

"During a recent Vector Command operation, I had the chance to sit down with one of our red teamers to hear firsthand how they identified and exploited an N-Day vulnerability in a customer’s environment. It’s a clear example of how continuous red..." Read the blog here.

A New Approach to Managing Vulnerabilities is Required - Work Smarter not Harder with Rapid7 Remediation Hub

April 1, 2025

"The volume of common vulnerabilities and exposures (CVEs) identified has now reached a level that even the organization tasked with managing them can no longer keep up. The National Vulnerability Database (NVD) announced in February 2024..." Read the blog here.

What’s New in Rapid7 Products & Services: Q1 2025 in Review

April 1, 2025

"At Rapid7, we started off the year focused on delivering new features and advancements across our products and services to bring you the context needed to prioritize exposures, visualize your attack surface, and accelerate incident response..." Read the blog here.

Seeing is Securing: MDR VALUE at-a-glance with the Detection and Response Dashboard

March 31, 2025

"Transparency is core to Managed Detection & Response (MDR). It’s necessary between Rapid7 and our customers as we conduct security operations on their behalf. And it’s necessary for our customers to communicate transparently and..." Read the blog here.

Overcoming the Challenges of Vulnerability Remediation

March 28, 2025

"The following is a guest blog post by Zac Youtz, Co-Founder and CTO at valued Rapid7 partner, Furl. Here, Zac discusses how to effectively remediate vulnerabilities discovered by Rapid7’s InsightVM..." Read the blog here.

Unpacking a post-compromise breach simulation with Vector Command

March 27, 2025

"In today’s evolving cyber landscape, breaches are not a matter of if, but when. Attackers continue to refine their techniques, using stealthy post-compromise tactics to maintain persistence, escalate privileges, and move laterally across..." Read the blog here.

Notable vulnerabilities in Next.js (CVE-2025-29927) and CrushFTP

March 25, 2025

"Rapid7 is warning customers of two notable (unrelated) vulnerabilities in Next.js, a React framework for building web applications, and CrushFTP, a file transfer technology that has previously been targeted by adversaries...." Read the blog here.

Rapid7 MDR Supports AWS GuardDuty's New Attack Sequence Alerts

March 21, 2025

"AWS GuardDuty has introduced two powerful new alerts that enhance its threat detection capabilities: "Potential Credential Compromise" and "Potential S3 Data Compromise." These alerts go beyond traditional threat detection by focusing on..." Read the blog here.

Apache Tomcat CVE-2025-24813: What You Need to Know

March 19, 2025

"Here at Rapid7, our usual bar for calling a vulnerability an emergent threat is either known exploitation at scale, or likelihood of exploitation at scale. Apache Tomcat CVE-2025-24813 fulfills neither of these criteria, despite a variety of news..." Read the blog here.

Fake BianLian Ransomware Letters in Circulation

March 19, 2025

"On March 5, the FBI issued an alert regarding a mail scam targeting U.S. business executives with extortion. The letters claim to be from noted ransomware group BianLian, demanding a payment in Bitcoin ranging from $250,000 to $500,000..." Read the blog here.

Helping us help you: Practical applications of AI in the SOC

March 11, 2025

"Security teams can be understandably hesitant to integrate artificial intelligence (AI) into incident response workflows. A single mistaken action could lead to widespread disruption, monetary loss, or reputational harm. Meanwhile, attackers..." Read the blog here.

Seeing The Whole Picture: A Better Way To Manage Your Attack Surface

March 10, 2025

"With cloud adoption, remote work, shadow IT, and AI, security teams face an overwhelming challenge: scoping their attack surface and continuously discovering all assets and exposures before threats emerge. This aligns with the critical first..." Read the blog here.

Building a High Performance Team in India: Meet Swami Nathan

March 4, 2025

"Swami Nathan has a track record of building new teams from scratch for global companies. Through his experiences, he’s identified what it takes to build not just any team - but a high performing team that drives innovation and growth for..." Read the blog here.

Why MDR In 2025 Is About Scaling With Purpose

February 27, 2025

"The digital landscape is expanding rapidly, and with it, the complexity of managing an organization's attack surface. To help cybersecurity professionals navigate this challenge, Rapid7 presents a three-part webinar series, "Commanding Your Attack..." Read the blog here.

MDR + SIEM: Why Full Access to Your Security Logs is Non-Negotiable

February 26, 2025

"Many Managed Detection and Response (MDR) providers promise world-class threat detection, but behind the scenes they lock away your security logs, limiting your visibility and control. It’s your data — so why don’t you have full access to it? Isn’t the..." Read the blog here.

Uncovering and Protecting Sensitive Data Across Cloud Environments with Exposure Command

February 25, 2025

"Modern organizations grapple with the complex task of securing sensitive data in sprawling hybrid and multi-cloud environments. Due to insufficient visibility and governance, data is often misplaced, duplicated, or left exposed. This fragmented..." Read the blog here.

Command Platform Innovations Eliminate Data Blind Spots Through Complete Visibility and Context-Driven Risk Prioritization

February 25, 2025

"Rapid7 provides unmatched attack surface visibility through the Command Platform, helping security teams identify, prioritize, and remediate risk across hybrid environments. Surface Command is the only solution available that combines native..." Read the blog here.

Under The Hoodie: The Pen Test Diaries

February 24, 2025

"Each year, Rapid7 penetration testers conduct over 1,000 security assessments, pushing boundaries to expose vulnerabilities before the bad guys do. The mission? Get in, escalate privileges, and own the environment—physically, digitally, or..." Read the blog here.

Rapid7 Fills Gaps in the CVE Assessment Process with AI-Generated Vulnerability Scoring in Exposure Command

February 19, 2025

"NIST released an update highlighting that there would be delays in adding information on newly published CVEs  (this is also discussed in detail in our blog post from March of 2024). Due to resource constraints and an inability to keep up..." Read the blog here.

How To Protect Your Organization's Bluesky Account From Security Threats

February 11, 2025

"When a new platform suddenly becomes popular, it’s not uncommon to see it stress tested by malware authors and fraudsters. Many organizations are making the leap to Bluesky without necessarily understanding the potential threats to an account..." Read the blog here.

Vector Command Opportunistic Phishing Blog

February 7, 2025

"During one of our customer engagements, our red team will continuously attack your network to see if we can exploit a vulnerability. One of the tactics, techniques and procedures (TTPs) we use is “Opportunistic Phishing”. First, let’s share a quick..." Read the blog here.

4 Reasons Why MSPs & MSSPs Need to Enhance Attack Surface Management

February 6, 2025

"In today’s rapidly evolving digital landscape, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) face increasing challenges. As businesses expand their digital footprints, MSPs and MSSPs are under pressure to..." Read the blog here.

Introducing the Exposure Management Webinar Series: Commanding Your Attack Surface

February 4, 2025

"The digital landscape is expanding rapidly, and with it, the complexity of managing an organization's attack surface. To help cybersecurity professionals navigate this challenge, Rapid7 presents a three-part webinar series, "Commanding Your Attack..." Read the blog here.

Paying It Forward: Giving and Receiving Mentorship in Tech

January 30, 2025

"I’ve never actually seen the 2000 romantic drama Pay It Forward, but the movie’s core idea has stayed with me since I first heard of it: The best way to repay a favor or good deed is to do one for someone else. You ‘pay..." Read the blog here.

The Vulnerability Vortex: Escaping the Whirlpool of Ineffective Security

January 24, 2025

"In today's interconnected digital landscape, organizations find themselves caught in a relentless torrent of security alerts and vulnerability notifications. As cyber threats evolve at breakneck speed, security teams struggle to keep their heads above water..." Read the blog here.

Key Takeaways: Mastering Risk Prioritization with Rapid7 Surface Command

January 23, 2025

"Managing risk in today’s sprawling IT environments demands precision and adaptability. Security teams face a constant influx of data from various tools, each offering fragmented insights. Rapid7’s Surface Command takes control of this..." Read the blog here.

Perfect Fit or Business Threat? How to Mitigate the Risk of Rogue Employees

January 16, 2025

"Rogue employees present significant financial and cybersecurity risks to organizations. Rapid7 threat researchers and penetration testers are actively observing how malicious actors exploit hiring pipelines to infiltrate businesses. This..." Read the blog here.

Securing Success: Stories from the SOC Webinar Series

January 10, 2025

"In today’s fast-paced threat landscape, SOC (Security Operations Center) teams are under relentless pressure. Cyberattacks are evolving, threat volumes are skyrocketing, and attackers are exploiting vulnerabilities faster than ever. To..." Read the blog here.

Unlocking the Power of AI in Cybersecurity: Key Takeaways from Our Latest Webinar

January 10, 2025

"Today's SOC teams have to face dramatic challenges that include overwhelming volumes of alerts, blurred perimeter protections, and resource constraints; meanwhile, AI is bursting into SOC workflows as one of the most important..." Read the blog here.

Rapid7 Recognized with Top Score of 100 in 2025 Corporate Equality Index

January 7, 2025

"On January 7, the Human Rights Campaign Foundation released their 2025 Corporate Equality Index (CEI), where Rapid7 earned a top score of 100. The CEI is the nation’s leading benchmark for LGBTQ+ workforce equality, evaluating..." Read the blog here.

Out With the Old, In With the New: Securely Disposing of Smart Devices

January 6, 2025

"So, what did you get for Christmas this year? Hopefully you received some cool smart technology, or maybe you just upgraded your smart camera or voice assistant to a newer model or version. If you upgraded..." Read the blog here.

Take Command of Your Career: Practicing Self-Advocacy as a Woman in Tech

December 17, 2024

"As the year draws to a close, it’s essential—and often expected—to reflect on our achievements and lessons learned in preparation for annual performance reviews and setting future goals.For women in tech, this reflection period can be an..." Read the blog here.

2024 Threat Landscape Statistics: Ransomware Activity, Vulnerability Exploits, and Attack Trends

December 16, 2024

"Now that we’ve reached the end of another year, you may be looking around the cybersecurity infosphere and seeing a glut of posts offering “hot takes” on the 2024 threat landscape and predictions about what’s coming next. At Rapid7, we don’t..." Read the blog here.

Modular Java Backdoor Dropped in Cleo Exploitation Campaign

December 11, 2024

"While investigating incidents related to Cleo software exploitation, Rapid7 Labs and MDR observed a novel, multi-stage attack that deploys an encoded Java Archive (JAR) payload. Our investigation revealed that the JAR file was part of a modular,..." Read the blog here.

Widespread Exploitation of Cleo File Transfer Software (CVE-2024-55956)

December 10, 2024

"On Monday, December 9, multiple security firms began privately circulating reports of in-the-wild exploitation targeting Cleo file transfer software. Late the evening of December 9, security firm Huntress published a blog on active exploitation of..." Read the blog here.

Rapid7 Extends Cloud Security Capabilities with Updates to Exposure Command

December 6, 2024

"The cloud has become the backbone of modern innovation, powering everything from AI to remote work. But as organizations embrace the cloud, they also face an ever-expanding and increasingly complex attack surface. With purpose-built..." Read the blog here.

Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware

December 4, 2024

"Beginning in early October, Rapid7 has observed a resurgence of activity related to the ongoing social engineering campaign being conducted by Black Basta ransomware operators. Rapid7 initially reported the discovery of the novel social..." Read the blog here.

Expanded SOC Coverage Into AWS Environments with Rapid7 MXDR

December 3, 2024

"As organizations increasingly rely on AWS for scalability and innovation, the complexity of securing these environments grows. AWS offers a robust set of native services and a comprehensive ecosystem, but managing security signals and responding to..." Read the blog here.

Why Cybercriminals Are Not Necessarily Embracing AI

December 2, 2024

"The rapid advancement of AI has offered powerful tools for malware detection, but it has also introduced new avenues for adversarial attacks. As an example, recently OpenAI reported threat actors abusing ChatGPT to execute reconnaissance..." Read the blog here.

Rapid7 Recognized for ‘Excellence in Workplace Health and Wellbeing’ at the Belfast Telegraph IT Awards

November 19, 2024

"On Friday, November 15th, Rapid7 was awarded ‘Excellence in Workplace Health and Wellbeing’ at the Belfast Telegraph IT Awards. This award recognizes technology companies in Belfast that prioritize employee well-being...." Read the blog here.

Unlock 24/7 SOC Coverage: Rapid7 MXDR Now Supports Microsoft Security Products

November 19, 2024

"On Friday, November 15th, Rapid7 was awarded ‘Excellence in Workplace Health and Wellbeing’ at the Belfast Telegraph IT Awards. This award recognizes technology companies in Belfast that prioritize employee well-being...." Read the blog here.

Mind the Gap: How Surface Command Tackles Asset Visibility in Attack Surface Management

November 8, 2024

"Imagine the scenario: your organization has been exposed to a new zero-day vulnerability. You are responsible for Threat & Vulnerability Management (TVM), you have asked your IT department for an assessment of the asset inventory in your organization..." Read the blog here.

20/20 Cybersecurity: Lessons Learned in 2024 and Strategies for a Stronger 2025

November 4, 2024

With 2024 rapidly coming to a close, many of us here at Rapid7 are taking a step back, reflecting upon the successes and learnings of the last 12 months, and looking ahead to the challenges and opportunities we could jointly face in the year..." Read the blog here.

Understanding your Attack Surface: Different Approaches to Asset Discovery

October 17, 2024

" In this post, we’ll delve into the process of discovering assets. We cannot secure what we cannot see so getting this piece right is foundational to the success of your ASM program. This blog will explore four different methods of asset..." Read the blog here.

Proactive Visibility Is Foundational to Strong Cybersecurity

September 22, 2024

"Exposures are more than CVEs, so organizations need to move beyond the traditional thinking of vulnerability management to a holistic view. Part of that view must be greater visibility into devices, users, applications, and all the digital infrastructure..." Read the blog here.

High-Risk Vulnerabilities in Common Enterprise Technologies

September 19, 2024

"Rapid7 is warning customers about several high-risk vulnerabilities in common enterprise technologies that are attractive potential attack targets for both state-sponsored and financially motivated adversaries. We are advising customers to prioritize..." Read the blog here.

Preparing for Unknown Risks: How to Better Prepare for Risks You Can't See Yet

August 22, 2024

"As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it's impossible to always know what's around the corner. It's not just about external threats and the big breaches splashed across the news..." Read the blog here.

Ongoing Social Engineering Campaign Refreshes Payloads

August 12, 2024

"On June 20, 2024, Rapid7 identified multiple intrusion attempts by threat actors utilizing techniques, tactics, and procedures (TTPs) that are consistent with an ongoing social engineering campaign being tracked by Rapid7. Rapid7 observed..." Read the blog here.

Illuminating the Shadows: Managing the Risks of Shadow AI in Modern Enterprises

August 8, 2024

"Shadow AI – a dramatic term for a new problem. With the rise of widely available consumer level AI services with easy-to-use chat interfaces, anyone from the summer intern to the CEO can easily use these shiny and new AI products. However..." Read the blog here.

Rapid7’s Ransomware Radar Report Shows Threat Actors are Evolving …Fast.

August 6, 2024

"Few issues keep cybersecurity professionals up at night more than the threat of ransomware. The ubiquity of targets, the relative organization of threat actors, and their multiple paths of entry make combating ransomware particularly formidable..." Read the blog here.

Introducing the Rapid7 Command Platform

August 5, 2024

"As cybercrime and attack surfaces have sprawled, Rapid7 has been able to grow with our customers because we are relentlessly focused on relevance. The way we see it, relevance doesn’t mean aligning to market definitions of categories, but rather..." Read the blog here.

Rapid7 Introduces Exposure Command to Eliminate the Security Visibility Gap

August 5, 2024

"Security and IT teams are experiencing a significant shift in operations as they become more distributed. Development and procurement processes have decentralized, and sensitive data now extends far beyond the network edge. This expansion..." Read the blog now.

Malware Campaign Lures Users With Fake W2 Form

July 24, 2024

"Rapid7 has recently observed an campaign targeting users searching for W2 forms using the Microsoft search engine Bing. Users are subsequently directed to a fake IRS website, enticing them to download their W2 form that ultimately..." Read the blog here.

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

June 27, 2024

"On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation identified that the suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop..." Read the blog here.

Malvertising Campaign Leads to Execution of Oyster Backdoor

June 17, 2024

"Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams. The installers were being used to drop a backdoor identified as..." Read the blog here.

Enhancing Velociraptor with the Cado Security Platform

June 11, 2024

"Velociraptor is a robust  open-source tool designed for collecting and querying forensic and incident response artifacts across various endpoints. This powerful tool  allows incident responders to effortlessly..." Read the blog here.

Rapid7 Releases the 2024 Attack Intelligence Report

May 21, 2024

"Today, during our Take Command Summit, we released our 2024 Attack Intelligence Report, which pulls in expertise from our researchers, our detection and response teams, and threat intelligence teams..." Read Rapid7's Blog Here.

Ongoing Malvertising Campaign leads to Ransomware

May 16, 2024

"Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typo squatted domains..." Read Rapid7's Blog Here.

5 key MDR differentiators to look for to build stronger security resilience

May 16, 2024

"Organizations looking to address the skills gap and bring greater efficiency as their business grows and their attack surface sprawls are turning to MDR providers at an accelerated pace..." Read Rapid7's Blog Here.

AI Trust Risk and Security Management: Why Tackle Them Now?

May 16, 2024

"In the evolving world of artificial intelligence (AI), keeping our customers secure and maintaining their trust is our top priority. As AI technologies integrate more deeply into our daily operations and services, they bring a set of unique challenges that demand a robust management strategy..." Read Rapid7's Blog Here.

Layered Defense to Stop Attacks Before they Begin

May 09, 2024

"Ransomware has evolved from opportunistic attacks to highly orchestrated campaigns driven by cyber criminals who are seeking high financial gains..." Read Rapid7's Blog Here.

Rapid7 Signs 100% Talent Compact with Boston Women’s Workforce Council

May 08, 2024

"Rapid7 is proud to announce their signing of the 100% Talent Compact through the Boston Women’s Workforce Council (BWWC). The Talent Compact is a collective effort among the Boston Mayor and local employers to close the gender and racial wage gaps in Greater Boston..." Read Rapid7's Blog Here.

Four Key Benefits of Rapid7’s New Managed Digital Risk Protection Service

April 19, 2024

"Cybercrime has boomed to the third largest economy in the world behind the US and China (Cybernews), with much of the most nefarious behavior on the dark web..." Read Rapid7's Blog Here.

Rapid7’s Ciara Cullinan Recognized as Community Trailblazer in Belfast Awards Program

March 14, 2024

"At the 2024 Women Who Code She Rocks Awards, Rapid7 Software Engineer II Ciara Cullinan was recognized with their ‘Community Trailblazer’ award..." Read Rapid7's Blog Here.

Securing the Next Level: Automated Cloud Defense in Game Development with InsightCloudSec

March 07, 2024

"Imagine the following scenario: You're about to enjoy a strategic duel on chess.com or dive into an intense battle in Fortnite, but as you log in, you find your hard-earned achievements, ranks, and reputation have vanished into thin air..." Read Rapid7's Blog Here.

Introducing Active Risk

January 24, 2024

"Cyber risk is increasing both in volume and velocity. Given the landscape of threats, weaknesses, vulnerabilities, and misconfigurations, organizations, teams and vulnerability analysts alike need of better prioritization mechanisms..." Read Rapid7's Blog Here.

Attackers are Working Around The Clock. Luckily, So Are We.

November 30, 2023

"It takes an average of 204 days for organizations to discover a breach, and from there an average of 73 days to contain it. With the average cost of a breach at an all time high of $4.45 million (IBM’s Cost of a Data Breach Report 2023), there’s an undeniable need for teams to enlist the right experts to quickly eradicate threats..." Read Rapid7's Blog Here.

Rapid7 Takes Next Step in AI Innovation with New AI-Powered Threat Detections

November 29, 2023

"Digital transformation has created immense opportunity to generate new revenue streams, better engage with customers and drive operational efficiency..." Read Rapid7's Blog Here.

When Maximum Effort Doesn't Equate to Maximum Results

November 21, 2023

"It’s no secret that security teams are feeling beleaguered as a result of the barrage of data, events, and alerts generated by their security tools, to say nothing of the increased budget scrutiny and constrained staff resources that continue to plague cybersecurity practitioners..." Read Rapid7's Blog Here.

Manage Enterprise Risk at Scale with a Unified, Holistic Approach

November 16, 2023

"The rapid pace of technological change and the attendant rise of cyber threats in both speed and number leave most organizations at a disadvantage..." Read Rapid7's Blog Here.

Little Crumbs Can Lead To Giants

October 06, 2023

"This week is the Virus Bulletin Conference in London. Part of the conference is the Cyber Threat Alliance summit, where CTA members like Rapid7 showcase their research into all kinds of cyber threats and techniques..." Read Rapid7's Blog Here.

Unlock Broader Detections and Forensics with Velociraptor in Rapid7 XDR

September 29, 2023

"Nearly 70% of companies that are breached are likely to get breached again within twelve months (CPO). Effective remediation and addressing attacks at the root is key to staying ahead of threats and recurring breaches on the endpoint..." Read Rapid7's Blog Here.

What’s New in InsightVM and Nexpose: Q3 2023 in Review

September 29, 2023

"A lot of new and exciting product updates this quarter to help customers continue driving better security outcomes. We are thrilled to launch a new vulnerability risk scoring strategy this quarter along with upgrades like improved UI for the Engine Pool page, more policy coverage, and more..." Read Rapid7's Blog Here.

Rapid7 doubles down on a platform approach for Vulnerability Risk Management

September 20, 2023

"This week, Rapid7 was named a Strong Performer in The Forrester Wave™: Vulnerability Risk Management, Q3 2023. The report, which included 11 vulnerability risk management vendors, represented Rapid7's inclusion in the Wave report for vulnerability management..." Read Rapid7's Blog Here.

Rapid7 Delivers Visibility Across All 19 Steps of Attack in 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise

September 20, 2023

"Over seven years ago, we set out to change the way that SOCs approach threat detection and response. With the introduction of InsightIDR, we wanted to address the false positives and snowballing complexity that was burning out analysts, deteriorating security posture, and inhibiting necessary scale..." Read Rapid7's Blog Here

Three Security Vendor Consolidation Myths Debunked

August 23, 2023

"When it comes to security vendor consolidation, Gartner found that 57% of organizations are working with fewer than ten security vendors, utilizing consolidation to cut costs and improve their overall security posture..." Read Rapid7's Blog Here.

Ransomware-as-a-Service Cheat Sheet

August 22, 2023

"Ransomware-as-a-Service, or RaaS, has taken the threat landscape by storm — so much so that in 2023, the White House re-classified ransomware as a national security threat..." Read Rapid7's Blog Here.

How To Present SecOps Metrics

August 01, 2023

"SecOps metrics can be a gold mine of potential for informing better business decisions, but 78% of CEOs say they don’t have adequate data on risk exposure to make good decisions. Even when they do see the right data, 82% are inclined to “trust their gut” anyway..." Read Rapid7's Blog Here.

Alerting Rules!: InsightIDR Raises the Bar for Visibility and Coverage

July 06, 2023

"I've worked in cybersecurity for over two decades, so I've seen plenty of platforms come and go—some even crash and burn. But Rapid7, specifically InsightIDR, has consistently performed above expectations..." Read Rapid7's Blog Here.

Rapid7 Solutions for Partners

June 28, 2023

"Central to our mission at Rapid7 is building long-term relationships with partners who deliver valuable security solutions to customers. As customers increasingly seek managed services to meet their security needs, we've eagerly expanded our partner ecosystem to support a rapidly growing body of Managed Security Service Provider (MSSP) partners..." Read Rapid7's Blog Here.

Cyber Asset Attack Surface Management 101

June 21, 2023

"It's essential for security and IT teams to have a comprehensive view and control of their cyber assets. This is why Cyber Asset Attack Surface Management (CAASM) has received so much attention from security practitioners and leaders..." Read Rapid7's Blog Here.

Rapid7 Recognized as a Strong Performer in The Forrester Wave™ for MDR, Q2 2023

May 18, 2023

"Rapid7 recognized as one of the top 13 vendors as a strong performer by the Forrester WaveTM for MDR, in Q2 2023..." Read Rapid7's Blog Here.

Executive Webinar: Confronting Security Fears to Control Cyber Risk, Part Three

March 29, 2023

"Part 3: Confronting Security Fears to Control Cyber Risk Webinar..." Read Rapid7's Blog Here.

Three Steps for Ramping Up to Fully Automated Remediation

March 15, 2023

"The number one threat to cloud security is misconfiguration of resources, and frankly, it's not hard to understand why. The cloud is getting bigger, more tangled, and flat-out more unmanageable by the day..." Read Rapid7's Blog Here.

Rapid7 Threat Command Delivered 311% ROI: 2023 Forrester Consulting Total Economic Impact™ Study

March 15, 2023

"Security teams must continuously contort their efforts to effectively respond to the growing volume of cyberthreats. These constantly shifting methods in the security operations center (SOC) can be difficult to manage in the face of emerging external threats—it can be like keeping multiple spinning plates in the air at once..." Read Rapid7's Blog Here.

Cloud Security Strategies for Healthcare

March 14, 2023

"The healthcare industry is undergoing a transformational shift. Health organizations are traditionally entrenched in an on-prem way of life, but the past three years have plunged them into a digital revolution. A heightened demand for improved healthcare services—like distributed care and telehealth—ignited a major push for health orgs to move to the cloud, and as a result, implement new cloud security strategies..." Read Rapid7's Blog Here.

Executive Webinar: Confronting Security Fears to Control Cyber Risk, Part Two

March 14, 2023

"In the session, Jason Hart, Rapid7’s Chief Technology Officer, EMEA, will discuss how organisations can develop the ability to adapt while being able to quickly revert to their original structure after times of great stress and impact..." Read Rapid7's Blog Here.

What Tech Companies Should Look For in Cloud Security

March 08, 2023

"The cloud's computing power and flexibility unlocks unprecedented speed and efficiency—a tech company's two best friends. But with that speed and efficiency comes new environments and touchpoints in an organization's footprint. That expanding attack surface brings along with it an expanding range of security concerns..." Read Rapid7's Blog Here.

Executive Webinar: Confronting Security Fears to Control Cyber Risk

February 28, 2023

"In the session, Jason Hart, Rapid7’s Chief Technology Officer, EMEA, shared his experiences to help executives enhance their cyber mission and vision statements to create a positive cybersecurity culture that permeates the business..." Read Rapid7's Blog Here.

The Next Generation of Managed Detection and Response is Here

February 22, 2023

"Security teams manage an average of 76 different tools. Breaches have gone from “s#&@!” to “inevitable.” That’s why we built Managed Threat Complete to address the reality of today’s threat environment. By 2025, Gartner says 50% of organizations will decide to partner with an MDR (Managed Detection and Response) service for 24x7 monitoring..." Read Rapid7's Blog Here.

Rapid7 CEO Corey E. Thomas Appointed To National Security Telecommunications Advisory Committee

February 16, 2023

"President Biden has announced his intent to appoint a group of highly qualified and diverse industry leaders, including Rapid7 chairman & CEO Corey E. Thomas, to the President’s National Security Telecommunications Advisory Committee (NSTAC)..." Read Rapid7's Blog Here.

The High Cost of Human Error In OT Systems

January 26, 2023

"Rapid7’s partner SCADAfence recently commissioned a survey of 3500 OT professionals. Among the findings, nearly 80% of respondents believe that human error presents the greatest risk for compromise to operational technology (OT) control systems..." Read Rapid7's Blog Here.

Rapid7 Added to Carahsoft GSA Schedule Contract

January 24, 2023

We are happy to announce that Rapid7 has been added to Carahsoft’s GSA Schedule contract, making our suite of comprehensive security solutions widely available to Federal, State, and Local agencies through Carahsoft and its reseller partners..." Read Rapid7's Blog Here.

Rapid7 Now Available Through Carahsoft’s NASPO ValuePoint

January 24, 2023

"We are happy to announce that Rapid7’s solutions have been added to the NASPO ValuePoint Cloud Solutions contract held by Carahsoft Technology Corp. The addition of this contract enables Carahsoft and its reseller partners to provide Rapid7’s Insight platform to participating States, Local Governments, and Educational (SLED) institutions..." Read Rapid7's Blog Here.