Rapid7 announces today the launch of InsightAppSec, the newest product to be delivered on the Insight platform.

InsightAppSec combines the power and accuracy of Rapid7's industry-leading and proven Dynamic Application Security Testing (DAST) engine with the quick deployment, scalability, and ease-of-use of the Insight platform, enabling security teams to quickly identify the critical security gaps in their web applications and APIs. With no requirement to install an on-premise component to scan external apps, InsightAppSec helps security teams get their application security testing programs up and running quickly, while providing confidence that vulnerabilities aren't missed—even in Single Page Applications (SPAs), APIs, and modern web apps built with Javascript frameworks.

InsightAppSec helps you identify, manage, and fix application vulnerabilities with:

  • Quick setup: No on-premise component installation is necessary to scan external applications. Internal application scans are supported too, with the deployment of a lightweight on-premise scan engine and results from on-premise and cloud engine scans all appearing in the same cloud console. With InsightAppSec you're only 5 minutes away from your first scan.
  • Intuitive workflows: InsightAppSec makes it easy to get to running your first scan with just a few clicks, while retaining the flexible tuning options to tailor scans to your applications. Workflows guide you along the way, so you don't spend time hunting through menus.

  • App Portfolios: Group your targets and scans into “apps” to better manage vulnerabilities identified across multiple URLs and sites relevant to an application. This allows you to stay on top of your app's security risks whether they are identified in production, testing, or in its APIs and data services.

  • Live Vulnerability View: Search, save filters, and set status and priority in a live, up-to-date view of all vulnerabilities detected across all of your scans. Live Vulnerability View helps you focus on what's next in securing your apps.

  • Attack Replay: Empower your development team with the ability to confirm vulnerabilities and test fixes on their own. Exportable interactive HTML reporting allows developers to replay attacks so that remediation isn't unnecessarily delayed.

InsightAppSec joins the on-premise AppSpider Pro and AppSpider Enterprise products and Rapid7's Managed App Sec Service in the Rapid7 portfolio of Application Security Testing solutions.

For more information on InsightAppSec, including a live demo, be sure to sign up for the launch webcast on July 27th.