Connect with the security community at Microsoft Ignite 2025

In today’s AI-powered world, security professionals are facing unprecedented challenges—and opportunities. As generative AI reshapes the digital landscape, the need for robust, intelligent, and adaptive security strategies has never been more urgent. At Microsoft Ignite 2025, we will showcase...

ASB-A-381773175

Bulletin has no description...

How to Plan and Prepare for Penetration Testing

As security technology and threat awareness among organizations improves so do the adversaries who are adopting and relying on new techniques to maximize speed and impact while evading detection. Ransomware and malware continue to be the method of choice by big game hunting BGH cyber criminals, a...

See a Sneak Peek of Tuesday’s Take Command Summit

In just a few short days, some of the best minds in cybersecurity will come together at Take Command to discuss the most pressing challenges and opportunities we face as an industry. The sessions include in-depth discussions on attacker trends and behaviors, a look into the Rapid7 SOC, top guest...

Wallarm Webinar: NIST CSF 2.0, API Security, and CISO Imperatives

Last week, our good friend Raj Umadas, Director of Security at ActBlue, teamed up with our very own Tim Erlin, Head of Product, to talk about the newly proposed NIST Cybersecurity Framework CSF. It was a fantastic discussion covering the intent behind this update, the major changes from v1.1 to...

3 Ways to Apply a Risk-Based Approach to Threat Detection, Investigation, and Response: Gartner® Report

In an ongoing effort to help security organizations gain greater visibility into risk, we’re pleased to offer this complimentary Gartner® report, 3 Ways to Apply a Risk-Based Approach to Threat Detection, Investigation, and Response. This insightful research can help a security organization reali...

Join us at InfoSec Jupyterthon 2022

Notebooks are gaining popularity in InfoSec. Used interactively for investigations and hunting or as scheduled processing jobs, notebooks offer plenty of advantages over traditional security operations center SOC tools. Sitting somewhere between scripting/macros and a full-blown development...

Join us at InfoSec Jupyterthon 2022

Notebooks are gaining popularity in InfoSec. Used interactively for investigations and hunting or as scheduled processing jobs, notebooks offer plenty of advantages over traditional security operations center SOC tools. Sitting somewhere between scripting/macros and a full-blown development...

Unsung Security Superheroes: You’re Now Sung

Get your copy of Rapid7’s first comic: XDR vs. Exploito. Available now! We’re all more connected than ever, and security practitioners keep everyone – governments, organizations, businesses, and 4.95 billion people – as safe as they can be. “XDR vs Exploito” isn’t “Dr. Strange and the Multiverse ...

Is it Easier to Turn Cloud Professionals into Security Practitioners or Vice Versa?

Insights into the cybersecurity skills gap In a poll taken at a recent Imperva webinar, What’s New in ‘22? Cybersecurity Trends and Predictions, participants said it’s easier to turn security practitioners into cloud professionals by a margin of 65-35. Three Directors in Imperva’s Office of the C...

New research shows IoT and OT innovation is critical to business but comes with significant risks

The need for much improved IoT and operational technology OT cybersecurity became clearer this year with recent attacks on network devices,1 surveillance systems,2 an oil pipeline,3 and a water treatment facility,4 to name a few examples. To better understand the challenges customers are facing,...

Kunyu - More Efficient Corporate Asset Collection

Kunyu, More Efficient Corporate Asset Collection 0x00 Introduce Tool introduction Kunyu kunyu, whose name is taken from , is actually a professional subject related to geographic information, which counts the geographic information of the sea, land, and sky. The same applies to cyberspace. The sa...

Attack AI systems in Machine Learning Evasion Competition

Today, we are launching MLSEC.IO, an educational Machine Learning Security Evasion Competition MLSEC for the AI and security communities to exercise their muscle to attack critical AI systems in a realistic setting. Hosted and sponsored by Microsoft, alongside NVIDIA, CUJO AI, VM-Ray, and MRG...

Microsoft Security—detecting empires in the cloud

Microsoft consistently tracks the most advanced threat actors and evolving attack techniques. We use these findings to harden our products and platform and share them with the security community to help defenders everywhere better protect the planet. Recently, the Microsoft Threat Intelligence...

NCSC-NZ Releases Cyber Governance Resource for Leaders

The New Zealand National Cyber Security Centre NCSC-NZ has released an article on a new cybersecurity governance resource to support public and private sector leaders in making decisions about their cybersecurity resilience and risk. NCSC-NZ developed this governance—a series of documents with...

Actionable Vulnerability Remediation Projects in InsightVM

Security practitioners and the remediating teams they collaborate with are increasingly asked to do more with less. They simply cannot remediate everything; it has never been more important to prioritize and drive remediations from start to finish. The Remediation Workflow capability in InsightVM...

Windows Forensic Data Collection: IR-rescue

Windows Forensic Data Collection ir-rescue is a Windows Batch script that collects a myriad of forensic data from 32-bit and 64-bit Windows systems while respecting the order of volatility. It is intended for incident response use at different stages in the analysis and investigation process. It...

DevOps Integration Key to Avoiding Pre-Ordained Security Failures

BOSTON – Downstream is where you live today as a security person. If Gene Kim has his way, you’ll be inline soon enough. Kim’s keynote today at Source Boston 2013 took listeners on a deep dive of the integration of development and IT operations and helped map out how organizations may be able to...

Poll Finds Security Practitioners Falsely Believe They're Protected Against APTs

If a recent poll of 1,000 security professionals is any indication, there remains a significant learning gap in understanding advanced persistent threats – and therefore building a strong defense to resist them. The survey conducted by FireEye’s Malware Intelligence Lab showed nearly 60 percent o...

Armitage Update : Graphical cyber attack management tool for Metasploit

Armitage Update : Graphical cyber attack management tool for Metasploit Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for securi...