Here at Rapid7, we’ve been quite busy continuously improving, expanding functionality, and testing new features for feedback with our customers across our application security portfolio. This includes InsightAppSec, our leading DAST solution, tCell by Rapid7, our next-gen cloud WAF and RASP solution, and our associated managed services offerings.
Below, we’ve recapped some of the latest and greatest ways to leverage Rapid7’s appsec technologies to get time back in your days.
What’s new and updated: tCell by Rapid7
[New] Packages and vulnerabilities
Runtime software composition analysis (SCA) data is now accessible to Java, node.js, Ruby, Python, .NET, and .NET Core applications in tCell. Get insights into what third-party packages your development teams are leveraging in their applications and their associated vulnerabilities.
[New] Application Firewall event filters for CIDR blocks and IP groups
If you’re looking to filter out events by CIDR block or IP group, you are now able to do so in the tCell App Firewall feature. This gives you the ability to continue to further refine the security data collected by tCell.
[Updated] Java and .NET agents
We’re constantly working to expand our tCell agents’ support and coverage, and this quarter is no different. Not only did we update our Windows agent to include 32-bit support, but we’ve also added support for customers who are building apps supported on WildFly application servers with our Java agent.
What’s new and updated: InsightAppSec
[New] Selenium .side support
Leveraging Selenium? Save time by uploading your pre-built Selenium files for authentication or advanced crawling of your applications leveraging the native format of *.Side in InsightAppSec (in addition to the previously supported *.html format).
[New and Updated] Attack module updates, including Azure Cloud coverage
Our continuous updates to attack modules in InsightAppSec now include expanded coverage for SSRF, FrontPage Server, and SSL certification. Additionally, for those customers leveraging Azure cloud, we have improved accuracy with reduced false positives, and an expanded SSRF attack module with Azure Cloud support.
[New] Improved usability and dashboarding
Last, we’ve added enhanced capabilities to InsightAppSec’s ease-of-use and dashboarding, such as direct links to vulnerabilities (e.g., you can now share vulnerabilities with direct links to your coworkers via Slack, etc.) and new dashboard cards such as displaying vulnerabilities by severity.
If you’re still curious and want to learn more, feel free to reach out to your Customer Success Manager to learn about the many Early Access programs that are going on for our application security solutions. Still looking for more? Feel free to check out the upcoming customer roadmap webcast where we will be sharing what’s on the docket for the end of the year and beyond!
On behalf of the team, thank you for your continued loyalty, and we hope you are gearing up for an exciting close to the year!