Rapid7 is on a mission to drive the SecOps movement into the future, and we take that to heart with our holistic approach to security. Rapid7 has policies and procedures in place to keep our data, platform, and products secure, so that we can continue creating tools and services that keep our customers secure.


Our world class security program is driven by a blend of published standards and industry best practices:

Rest assured: Rapid7’s approach to security is established on four core pillars essential to trust.


Rapid7’s platform and products are designed to fit securely into your environment and adhere to security best practices.


You have access to your data when you need it and our operational status is always up to date.


Ensuring your data is used only in a manner consistent with your expectations is a responsibility we take very seriously.


You have full visibility into where your data lives, who has access to it, and how it is used.

Have questions? We have answers.

Trust FAQ

Read What’s New on the Rapid7 Blog

Automating the Cloud: AWS Security Done Efficiently
Hey! Josh Frantz here, Lead Security Consultant at Rapid7. In this blog series, we will focus on how to automate the mundane so you can more efficiently secure your AWS environment and focus on solving important, engaging, and difficult issues. Today, we are going to be installing software on all your...
Josh Frantz
Aug 19, 2019
Read More
Patch Tuesday - August 2019
First off, the big news for today's Patch Tuesday: Microsoft has fixed four new Remote Desktop Services (RDS) vulnerabilities, reminiscent of the BlueKeep vulnerability (CVE-2019-0708) that was patched last May. CVE-2019-1181 and CVE-2019-1182 both affect all supported versions of Windows, and can be...
Greg Wiseman
Aug 13, 2019
Read More
August 2019 Microsoft Remote Desktop Services (RDP) Patches: What You Need to Know
Deja vu all over again In a recent blog post we noted that attackers have been working on exploits for the “BlueKeep” RDP vulnerability for months and there has been a consistent, major uptick in opportunistic/malicious scanning for internet-facing RDP systems, including a few campaigns that have been...
boB Rudis
Aug 13, 2019
Read More

Kurz und knackig

Fortune 100 Unternehmen
Überwachte Assets
Petabyte verarbeitet
Überwachte Ports
Gescannte IPs