Posts tagged Application Security

2 min Application Security

Deploy tCell More Easily With the New AWS AMI Agent

We've introduced the AWS AMI Agent for tCell, which makes it easier to deploy tCell into your software development life cycle.

3 min Application Security

It’s the Summer of AppSec: Q2 Improvements to Our Industry-Leading DAST and WAAP

Summer is in full swing, and that means soaring temps, backyard grill-outs, and the latest roundup of Q2 application security improvements from Rapid7.

3 min Application Security

Application Security in 2022: Where Are We Now?

When Forrester put out The State of Application Security, 2022 report, we thought it was a great time to share where we think AppSec is headed.

4 min Application Security

API Security: Best Practices for a Changing Attack Surface

APIs have become a large part of the application attack surface, making API security a critical consideration.

4 min Cloud Security

How to Secure App Development in the Cloud, With Tips From Gartner

New Gartner research highlights how to keep your cloud applications safe without resorting to a patchwork of overlapping tools and services.

4 min Cybersecurity

3 Takeaways From the 2022 Verizon Data Breach Investigations Report

Our takeaways from Verizon's 2022 Breach Report suggest security pros should be doubling down on the big priorities, like ransomware and supply chain.

3 min Application Security

Find, Fix, and Report OWASP Top 10 Vulnerabilities in InsightAppSec

The OWASP 2021 Attack Template and Report for InsightAppSec helps you use the updated categories from OWASP to inform and focus your AppSec program.

3 min Cybersecurity

What's Changed for Cybersecurity in Banking and Finance: New Study

The results of a new VMware study show a changing landscape for cybersecurity in banking and finance.

11 min Application Security

XSS in JSON: Old-School Attacks for Modern Applications

This post highlights how cross-site scripting has adapted to today’s modern web applications, specifically the API and JavaScript Object Notation (JSON).

4 min Cloud Security

Cloud-Native Application Protection (CNAPP): What's Behind the Hype?

Is CNAPP a one-in-all answer to building secure apps in a cloud-first ecosystem, or is it part of a larger story? This post takes a closer look.

3 min Application Security

Rapid7 Named a Visionary in 2022 Magic Quadrant™ for Application Security Testing Second Year in a Row

For the second year in a row, Rapid7 has been named a Visionary in the Gartner® 2022 Magic Quadrant for Application Security Testing.

3 min Application Security

Let's Dance: InsightAppSec and tCell Bring New DevSecOps Improvements in Q1

In Q1 2022, we've continued to improve InsightAppSec and tCell to help organizations shift left and automate security testing prior to deployment.

3 min Application Security

Securing Your Applications Against Spring4Shell (CVE-2022-22965)

In this blog, we wanted to share some recent product enhancements across our application security portfolio to help our customers with easy ways to test and secure their apps against Spring4Shell.

15 min Emergent Threat Response

Spring4Shell: Zero-Day Vulnerability in Spring Framework (CVE-2022-22965)

Rapid7 confirms the existence of an unpatched, unauthenticated remote code execution vulnerability in Spring Framework. We will update this blog continually as new information arises on this zero-day vulnerability.

2 min Application Security

InsightAppSec GitHub Integration Keeps Risky Code From Reaching Production

The new GitHub Actions integration in InsightAppSec allows security and development teams to automate DAST as part of the CI/CD build pipeline workflow.