3 min
Application Security
Rapid7 Named a Visionary in 2022 Magic Quadrant™ for Application Security Testing Second Year in a Row
For the second year in a row, Rapid7 has been named a Visionary in the Gartner® 2022 Magic Quadrant for Application Security Testing.
3 min
Application Security
Let's Dance: InsightAppSec and tCell Bring New DevSecOps Improvements in Q1
In Q1 2022, we've continued to improve InsightAppSec and tCell to help organizations shift left and automate security testing prior to deployment.
3 min
Application Security
Securing Your Applications Against Spring4Shell (CVE-2022-22965)
In this blog, we wanted to share some recent product enhancements across our application security portfolio to help our customers with easy ways to test and secure their apps against Spring4Shell.
15 min
Emergent Threat Response
Spring4Shell: Zero-Day Vulnerability in Spring Framework (CVE-2022-22965)
Rapid7 confirms the existence of an unpatched, unauthenticated remote code execution vulnerability in Spring Framework. We will update this blog continually as new information arises on this zero-day vulnerability.
2 min
Application Security
InsightAppSec GitHub Integration Keeps Risky Code From Reaching Production
The new GitHub Actions integration in InsightAppSec allows security and development teams to automate DAST as part of the CI/CD build pipeline workflow.
5 min
Threat Intel
For Health Insurance Companies, Web Apps Can Be an Open Wound
Misconfigured web apps can leave your defenses wide open. Here's how health insurance providers can harden their web app security and protect their data.
7 min
Application Security
How InsightAppSec Detects Log4Shell: Your Questions Answered
In this post, we talk about our response to CVE-2021-44228 (a.k.a. Log4Shell) with the Rapid7 InsightAppSec platform.
3 min
Application Security
A December to Remember — Or, How We Improved InsightAppSec in Q4 in the Midst of Log4Shell
We wanted to take a moment to recap some of InsightAppSec and tCell's Q4 highlights and give us all a little much-deserved break from the madness.
3 min
Application Security
Test for Log4Shell With InsightAppSec Using New Functionality
In this blog, we share how Rapid7 customers can test for Log4Shell with InsightAppSec.
4 min
Application Security
How to Protect Your Applications Against Log4Shell With tCell
Let’s walk through the various ways tCell can help our customers protect against Log4Shell attacks.
2 min
Application Security
A Dream Team-Up: Integrate InsightAppSec With ServiceNow ITSM
A brand-new integration between InsightAppSec and ServiceNow makes it easier to create tickets for vulnerability scans and remediation.
3 min
Application Security
OWASP Top 10 Deep Dive: Identification and Authentication Failures
Security pros have made progress in mitigating identification and authentication failures — but that doesn't mean we can takes our eyes off the ball.
7 min
Application Security
OWASP Top 10 Deep Dive: Defending Against Server-Side Request Forgery
In this post, we'll focus on server-side request forgery (SSRF), which comes in at number 10 on the updated OWASP Top 10 list.
3 min
Application Security
tCell by Rapid7 Supports the Newly Released .NET 6.0
We’re excited to share that we've coordinated our recent .NET and .NET Core agent releases with the brand new .NET 6.0 release from Microsoft.
3 min
Application Security
OWASP Top 10 Deep Dive: Getting a Clear View on Vulnerable and Outdated Components
Outdated and vulnerable components have gone up three places in the OWASP Top 10. Here's Why.