Hidden Helpers: Security-Focused HTTP Headers
This blog includes real-world scenarios in which attackers can manipulate unsecured HTTP headers and how to prevent your organization from falling victim.…
How InsightAppSec Can Help You Improve Your Approach to Application Security
In this post, we’ll explore why modern apps require modern testing and how our DAST tool, InsightAppSec, is leading the way with the most sought-after needs for application security teams.…
How to Choose the Right Application Security Tool for Your Organization
In this post, we’re taking a look at the various application security testing technologies and how to determine which is best for your organization.…
5 Considerations When Creating an Application Security Program
In this blog, we explain how to address application security within your organization and how this translates into building better code.…
New InsightAppSec Features and Updates: A Look Inside
In this post, you’ll learn about all of our new features of InsightAppSec, how you can benefit from them, and how you can begin using them right away.…
Single-Page Applications: The Journey So Far
While modern web application technology has made apps more useful, it's also made them harder to secure.…
Rapid7 Acquires Leading Web Application Security Provider, tCell
Today, Rapid7 announced the acquisition of tCell, a leading provider of web application threat defense and monitoring. We are so excited to have tCell join the Rapid7 family!…
New Features: Rapid7 Launches Public API For InsightAppSec
Rapid7 is pleased to announce the newest addition to your application security toolkit on the Rapid7 Insight platform: the public API in our DAST solution, InsightAppSec.…
Faster Prod at the Expense of Security? 2018 ‘Under the Hoodie’ Reveals Gaps in Applications
As part of this year's "Under the Hoodie" report, we identified the latest web application security risks companies are facing today.…
Scan Management with InsightAppSec: There’s More to Application Security than Long Lists of Vulnerabilities
Knowing what you are scanning, how often, and with how much success is vital to knowing your vulnerability data is accurate, up-to-date, and reflects your security position. InsightAppSec can help.…
In Our Customers’ Words: Why Mastering Application Security Basics Matters
In a recent conversation with a Rapid7 application security customer, I was reminded how much of a security practitioner’s day can be consumed by troubleshooting buggy tools and manually executing the same tasks over and over again (needlessly, may I add). As much as…
New InsightAppSec Releases: Compliance Reports and the AppSec Toolkit
Things are always brewing in Rapid7 product development. Today, we’re excited to announce several exciting new features in InsightAppSec, our cloud-powered application security testing solution for modern web apps. These include: Custom reports for PCI, HIPAA, SOX, and OWASP 2017 compliance requirements PDF report…
How to Scan Your Own Application with the InsightAppSec Free Trial
We think this is pretty sweet news. You asked, we built it—now you can scan one of your own applications with an InsightAppSec trial! But before you start scanning your own application with the InsightAppSec free trial, you’ll need to validate your application’…
Making the Dream Work: Teaming with Dev for Safer Production Apps
So you’ve read the reports outlining how important it is for developers and security teams to work together to build web applications quickly and securely, you’ve scoured the web and have researched the importance of building a web application program at your organization,…
3 Questions to Ask When Prioritizing Web Application Vulnerabilities
Dynamic application security testing (DAST) often results in a constantly evolving list of security vulnerabilities. When scanning a web application in production or in an active testing environment, issues can crop up as quickly as changes happen within the app. And when exposed to the…
