4 min
Cloud Security
How to Secure App Development in the Cloud, With Tips From Gartner
New Gartner research highlights how to keep your cloud applications safe without resorting to a patchwork of overlapping tools and services.
4 min
Cybersecurity
3 Takeaways From the 2022 Verizon Data Breach Investigations Report
Our takeaways from Verizon's 2022 Breach Report suggest security pros should be doubling down on the big priorities, like ransomware and supply chain.
3 min
Application Security
Find, Fix, and Report OWASP Top 10 Vulnerabilities in InsightAppSec
The OWASP 2021 Attack Template and Report for InsightAppSec helps you use the updated categories from OWASP to inform and focus your AppSec program.
3 min
Cybersecurity
What's Changed for Cybersecurity in Banking and Finance: New Study
The results of a new VMware study show a changing landscape for cybersecurity in banking and finance.
11 min
Application Security
XSS in JSON: Old-School Attacks for Modern Applications
This post highlights how cross-site scripting has adapted to modern web applications, specifically APIs and JavaScript Object Notation (JSON).
4 min
Cloud Security
Cloud-Native Application Protection (CNAPP): What's Behind the Hype?
Is CNAPP an all-in-one answer to building secure apps in a cloud-first ecosystem, or is it part of a larger story? This post takes a closer look.
3 min
Application Security
Rapid7 Named a Visionary in 2022 Magic Quadrant™ for Application Security Testing Second Year in a Row
For the second year in a row, Rapid7 has been named a Visionary in the Gartner® 2022 Magic Quadrant for Application Security Testing.
3 min
Application Security
Let's Dance: InsightAppSec and tCell Bring New DevSecOps Improvements in Q1
In Q1 2022, we've continued to improve InsightAppSec and tCell to help organizations shift left and automate security testing prior to deployment.
3 min
Application Security
Securing Your Applications Against Spring4Shell (CVE-2022-22965)
In this blog, we wanted to share some recent product enhancements across our application security portfolio to help our customers with easy ways to test and secure their apps against Spring4Shell.
15 min
Emergent Threat Response
Spring4Shell: Zero-Day Vulnerability in Spring Framework (CVE-2022-22965)
Rapid7 confirms the existence of an unpatched, unauthenticated remote code execution vulnerability in Spring Framework. We will update this blog continually as new information arises on this zero-day vulnerability.
2 min
Application Security
InsightAppSec GitHub Integration Keeps Risky Code From Reaching Production
The new GitHub Actions integration in InsightAppSec allows security and development teams to automate DAST as part of the CI/CD build pipeline workflow.
5 min
Threat Intel
For Health Insurance Companies, Web Apps Can Be an Open Wound
Misconfigured web apps can leave your defenses wide open. Here's how health insurance providers can harden their web app security and protect their data.
7 min
Application Security
How InsightAppSec Detects Log4Shell: Your Questions Answered
In this post, we talk about our response to CVE-2021-44228 (a.k.a. Log4Shell) with the Rapid7 InsightAppSec platform.
3 min
Application Security
A December to Remember — Or, How We Improved InsightAppSec in Q4 in the Midst of Log4Shell
We wanted to take a moment to recap some of InsightAppSec and tCell's Q4 highlights and give us all a little much-deserved break from the madness.
3 min
Application Security
Test for Log4Shell With InsightAppSec Using New Functionality
In this blog, we share how Rapid7 customers can test for Log4Shell with InsightAppSec.