Sunsetting the Public AttackerKB Platform
What’s changing, where AttackerKB-style analysis will live, and how users can continue finding Rapid7 vulnerability intelligence.
On August 18, Rapid7 will sunset the standalone public AttackerKB website as part of a broader effort to unify our vulnerability intelligence, exploit analysis, and research resources.
Security practitioners, researchers, vulnerability managers, and current AttackerKB API users will still be able to find Rapid7 vulnerability intelligence through the Rapid7 blog, the recently revamped Rapid7 Vulnerability and Exploit Database, and customer-specific API experiences, where applicable.
The public AttackerKB platform is going away, but the intelligence and analysis that security teams rely on are not disappearing. Instead, they’re moving into experiences more closely connected with Rapid7’s broader research and vulnerability intelligence ecosystem.
What’s changing
-
The public AttackerKB website will be retired on August 18.
-
AttackerKB-style Rapid7 technical write-ups will continue on the Rapid7 blog.
-
Vulnerability intelligence will remain connected to the Rapid7 Vulnerability and Exploit Database.
-
Open community contributions and the current public AttackerKB API will be retired.
Where AttackerKB-style content will live
After the AttackerKB site is retired, that particular style of technical write-up will continue to be published through the Rapid7 blog, and will remain connected to the Rapid7 Vulnerability and Exploit Database.
This approach brings vulnerability analysis, exploit intelligence, and security research into a more centralized experience for anyone and everyone who accesses the current standalone site. For security practitioners, researchers, and vulnerability managers, the goal is simple: Make it easier to find the information you need without moving between separate platforms.
We’re also retiring the open community contribution model of AttackerKB. This decision enables Rapid7 to maintain tighter control over the quality and accuracy of the intelligence we publish. By moving to a more curated model, we can ensure users receive high-fidelity, verified vulnerability intelligence backed by our expert research teams.
The change helps protect and fortify the integrity of the intelligence associated with Rapid7, by reducing the risk of inaccurate submissions (especially hastily AI-generated ones), and attempts to manipulate vulnerability information. Maintaining trust in security data is what matters here, and this next step means we can continue delivering intelligence practitioners can use with confidence.
What AttackerKB API users should know
The current public AttackerKB API will be retired alongside the public platform and community features.
Going forward, access to this vulnerability intelligence through APIs will be restructured as a dedicated capability for Rapid7 customers. If your organization currently depends on the public AttackerKB API, Rapid7 will share customer-specific guidance on available options, timing, and transition details.
Next steps for AttackerKB users
If you currently use AttackerKB, here are the quick-hits for August 18 and onwards:
-
Visit the Rapid7 blog for new technical write-ups and vulnerability analysis.
-
Look for a dedicated “Technical Analysis” (linked above) tag to help make AttackerKB-style content and legacy write-ups easier to find.
-
The AttackerKB domain will automatically redirect to the Rapid7 Vulnerability and Exploit Database.
-
Use the Vulnerability and Exploit Database as your central source for vulnerability intelligence moving forward.
AttackerKB has played an important role in helping security teams understand risk and prioritize action. We’re grateful to everyone who contributed, shared knowledge, and helped shape the platform over the years, and we’re excited to deliver the same trusted intelligence through a more unified experience.