Posts tagged Application Security

5 min Podcast

Great Barrier Grief: How to Break Through Bottlenecks with Automated AppSec

In our brand-new podcast, Security Nation, Zate Berg of Indeed.com explains how he avoided making his team an engineering bottleneck through automated appsec.

7 min Application Security

Hidden Helpers: Security-Focused HTTP Headers

This blog includes real-world scenarios in which attackers can manipulate unsecured HTTP headers and how to prevent your organization from falling victim.

4 min InsightAppSec

How InsightAppSec Can Help You Improve Your Approach to Application Security

In this post, we’ll explore why modern apps require modern testing and how our DAST tool, InsightAppSec, is leading the way with the most sought-after needs for application security teams.

5 min Application Security

How to Choose the Right Application Security Tool for Your Organization

In this post, we’re taking a look at the various application security testing technologies and how to determine which is best for your organization.

5 min Application Security

5 Considerations When Creating an Application Security Program

In this blog, we explain how to address application security within your organization and how this translates into building better code.

5 min InsightAppSec

New InsightAppSec Features and Updates: A Look Inside

In this post, you’ll learn about all of our new features of InsightAppSec, how you can benefit from them, and how you can begin using them right away.

3 min Application Security

Single-Page Applications: The Journey So Far

While modern web application technology has made apps more useful, it's also made them harder to secure.

3 min Incident Detection

Rapid7 Leads All 'Strong Performers' in 2018 Forrester Wave for Emerging MSSPs

We’re proud to be recognized in the Forrester Wave as the leader in the “Strong Performer” category and to score second highest overall current offering for our Managed Security Services.

1 min Application Security

Rapid7 Acquires Leading Web Application Security Provider, tCell

Today, Rapid7 announced the acquisition of tCell, a leading provider of web application threat defense and monitoring. We are so excited to have tCell join the Rapid7 family!

4 min Application Security

How to Defend Against Magecart Using CSP

In this blog, we explain how you can defend against Magecart credit card skimming attacks by using HTTP's Content Security Policy.

5 min InsightAppSec

New Features: Rapid7 Launches Public API For InsightAppSec

Rapid7 is pleased to announce the newest addition to your application security toolkit on the Rapid7 Insight platform: the public API in our DAST solution, InsightAppSec.

2 min Application Security

The Newegg Breach: PCI Means Nothing to Magecart

Both the British Airways and Newegg breaches occurred at sites that followed data security rules but were not protected against attacks like Magecart.

2 min Application Security

The British Airways Breach: PCI is Not Enough

Magecart's techniques are sophisticated and worth understanding in detail, especially because they point out a major gap that occurs even with perfect PCI compliance.

3 min Application Security

In Our Customers’ Words: Why Mastering Application Security Basics Matters

In a recent conversation with a Rapid7 application security customer, I was reminded how much of a security practitioner’s day can be consumed by troubleshooting buggy tools and manually executing the same tasks over and over again (needlessly, may I add). As much as we’d like to think that security professionals’ time is being efficiently utilized, oftentimes inadequate tools, a lack of automation, and organizational silos impede SecOps-driven [https://www.rapid7.com/solutions/secops/] progress

2 min Application Security

New InsightAppSec Releases: Compliance Reports and the AppSec Toolkit

Things are always brewing in Rapid7 product development. Today, we’re excited to announce several exciting new features in InsightAppSec, our cloud-powered application security testing solution for modern web apps [https://www.rapid7.com/products/insightappsec/]. These include: * Custom reports for PCI, HIPAA, SOX, and OWASP 2017 compliance requirements * PDF report generation * The Rapid7 AppSec Toolkit * Macro Recorder * Traffic Viewer * RegEx Builder * Swagger/Rest API Utilit