Trust

Rapid7 is on a mission to drive the SecOps movement into the future, and we take that to heart with our holistic approach to security. Rapid7 has policies and procedures in place to keep our data, platform, and products secure, so that we can continue creating tools and services that keep our customers secure.

Compliance

Our world class security program is driven by a blend of published standards and industry best practices:

Rest assured: Rapid7’s approach to security is established on four core pillars essential to trust.

Security


Rapid7’s platform and products are designed to fit securely into your environment and adhere to security best practices.

Availability


You have access to your data when you need it and our operational status is always up to date.

Privacy


Ensuring your data is used only in a manner consistent with your expectations is a responsibility we take very seriously.


Transparency


You have full visibility into where your data lives, who has access to it, and how it is used.



Have questions? We have answers.

Trust FAQ

Read What’s New on the Rapid7 Blog

Patch Tuesday - June 2019
Nearing the halfway point of 2019, today's Patch Tuesday sees Microsoft fix 88 vulnerabilities, the highest count so far this year. Nothing this month seems "wormable" like the BlueKeep vulnerability patched in May, and none of them have been seen exploited in the wild. However, four elevation of privilege...
Greg Wiseman
Jun 11, 2019
Read More
Microsoft Windows RDP Network Level Authentication Bypass (CVE-2019-9510): What You Need to Know
What’s up? On June 4, 2019, the CERT Coordination Center (CERT/CC) released an advisory regarding discovered behavior in the Microsoft Windows Remote Desktop Protocol (RDP), which can allow an attacker to bypass the lock screen on some remote sessions. Specifically, it stated: "Starting with Windows...
boB Rudis
Jun 05, 2019
Read More
Scan Engine Options for InsightVM in AWS: Pre-Authorized AMI vs. Manual Install
To pre-auth, or not to pre-auth, that is the question. With the recent changes to Amazon Web Services’ (AWS) pen-testing policy, it is easier to get started on your InsightVM scans without requiring the use of our Pre-Authorized Scan Engine AMI. Previously, the recommended method was to launch an EC2...
Delan Diaz
Jun 05, 2019
Read More

Kurz und knackig

Gegründet
2000
Kunden
7,400
Fortune 100 Unternehmen
55
Überwachte Assets
40M
Petabyte verarbeitet
17
Überwachte Ports
104
Gescannte IPs
3.4B