Posts tagged Application Security

4 min Cloud Security

How to Secure App Development in the Cloud, With Tips From Gartner

New Gartner research highlights how to keep your cloud applications safe without resorting to a patchwork of overlapping tools and services.

4 min Cybersecurity

3 Takeaways From the 2022 Verizon Data Breach Investigations Report

Our takeaways from Verizon's 2022 Breach Report suggest security pros should be doubling down on the big priorities, like ransomware and supply chain.

3 min Application Security

Find, Fix, and Report ​OWASP Top 10 Vulnerabilities in InsightAppSec

The OWASP 2021 Attack Template and Report for InsightAppSec helps you use the updated categories from OWASP to inform and focus your AppSec program.

3 min Cybersecurity

What's Changed for Cybersecurity in Banking and Finance: New Study

The results of a new VMware study show a changing landscape for cybersecurity in banking and finance.

11 min Application Security

XSS in JSON: Old-School Attacks for Modern Applications

This post highlights how cross-site scripting has adapted to today’s modern web applications, specifically the API and Javascript Object Notation (JSON).

4 min Cloud Security

Cloud-Native Application Protection (CNAPP): What's Behind the Hype?

Is CNAPP a one-in-all answer to building secure apps in a cloud-first ecosystem, or is it part of a larger story? This post takes a closer look.

3 min Application Security

Rapid7 Named a Visionary in 2022 Magic Quadrant™ for Application Security Testing Second Year in a Row

For the second year in a row, Rapid7 has been named a Visionary in the Gartner® 2022 Magic Quadrant for Application Security Testing.

3 min Application Security

Let's Dance: InsightAppSec and tCell Bring New DevSecOps Improvements in Q1

In Q1 2022, we've continued to improve InsightAppSec and tCell to help organizations shift left and automate security testing prior to deployment.

3 min Application Security

Securing Your Applications Against Spring4Shell (CVE-2022-22965)

In this blog, we wanted to share some recent product enhancements across our application security portfolio to help our customers with easy ways to test and secure their apps against Spring4Shell.

15 min Emergent Threat Response

Spring4Shell: Zero-Day Vulnerability in Spring Framework (CVE-2022-22965)

Rapid7 confirms the existence of an unpatched, unauthenticated remote code execution vulnerability in Spring Framework. We will update this blog continually as new information arises on this zero-day vulnerability.

2 min Application Security

InsightAppSec GitHub Integration Keeps Risky Code From Reaching Production

The new GitHub Actions integration in InsightAppSec allows security and development teams to automate DAST as part of the CI/CD build pipeline workflow.

5 min Threat Intel

For Health Insurance Companies, Web Apps Can Be an Open Wound

Misconfigured web apps can leave your defenses wide open. Here's how health insurance providers can harden their web app security and protect their data.

7 min Application Security

How InsightAppSec Detects Log4Shell: Your Questions Answered

In this post, we talk about our response to CVE-2021-44228 (a.k.a. Log4Shell) with the Rapid7 InsightAppSec platform.

3 min Application Security

A December to Remember — Or, How We Improved InsightAppSec in Q4 in the Midst of Log4Shell

We wanted to take a moment to recap some of InsightAppSec and tCell's Q4 highlights and give us all a little much-deserved break from the madness.

3 min Application Security

Test for Log4Shell With InsightAppSec Using New Functionality

In this blog, we share how Rapid7 customers can test for Log4Shell with InsightAppSec.