Cybersecurity Research

Research and forensic specialists, open-source communities, and straight-line impact

Yes, you know Rapid7 Labs


Metasploit modules for threat-informed purple teaming


Open-source researchers, pen testers, and threat hunters

Powering your day-to-day with expert intelligence

We believe in rapid platform integration: driving a straight line from every Rapid7 Labs discovery to improving your security program now, today. Rapid7 Labs tracks adversaries, shares proprietary, curated intelligence and research, and builds trusted open-source communities. We all created the internet together. That’s how we’ll secure it.

11,000+ customers are safer, and so is everybody else

Curated threat intel and AI, baked in

Rapid7 Labs holds a slew of AI patents that power risk and threat analysis, and detect threats faster and prioritize vulnerabilities better.

Research: big issues & emergent threats

In the first half of 2023, we tracked 79 state-sponsored attacks. Labs uncovers emergent threats, zero-days, and our future.

Security communities for everyone

Our open-source projects like Metasploit, Velociraptor, and AttackerKB have bi-directional feeds into our platform solutions.

Internet-scale data and research

Get easy insight into public internet exposure with Project Doppler, informed by Sonar scans and our honeypot network Project Lorelei.

Actionable vulnerability intelligence

Adversaries are evolving operations and using both new and known vulnerabilities. Each year, Rapid7 Labs analyzes thousands of vulns in order to identify their root causes, reveal attacker behaviors, and provide practical, next-step guidance for your most critical moments.

Elite research and intelligence teams doing unambiguous good

Raj Samani

Chief Scientist

Raj won the prestigious Peter Szor award (2015) for the best piece of technical security research conducted each year. He’s also been inducted into the Infosecurity Europe Hall of Fame.

Caitlin Condon

Security Research

Caitlin directs our vulnerability researchers,  exploit developers, emergent threat analysts, and the Metasploit team. She’s regularly quoted by ZDNet and Dark Reading.

Christiaan Beek

Threat Analytics 

A regular speaker at RSA and Black Hat, Christiaan leads intelligence teams, gathering threat data, inventing new research techniques, data correlation and publications.

Real-time emergent threat guidance

Between Rapid7 Labs and our 24/7 follow-the-sun MDR, we observe 3.3 trillion security events every week. We perform  in-depth technical analysis of emergent attack vectors, follow attacks as they evolve, and communicate indicators of compromise and next-step guidance in real time.

Your data may be everywhere, but so are we

Always-on expertise about known, unknown TTPs

Get insight into widely exploited vulns, ransomware, and dark web marketplaces anytime with this on-demand webinar.

Preventing breaches earlier across your attack surface

Take attackers out before they pop you. It’s proactive, comprehensive coverage for your entire environment from the endpoint to the cloud.

Defending the distributed and far-flung

Japan is an economic juggernaut with subsidiaries and affiliates at unique and elevated risk of attack around the world. Of course Rapid7 Labs studied it.

Want to dive deeper into the research?