3 min
Application Security
Hidden Helpers: Security-Focused HTTP Headers to Protect Against Vulnerabilities
In our second installment of the 'Hidden Helpers' series, we discuss security-focused HTTP headers and how they can protect against vulnerabilities.
3 min
InsightAppSec
How Our New Jenkins Integration for InsightAppSec Enables DevSecOps Collaboration
Rapid7 is excited to announce the release of an integration to integrate InsightAppSec within Jenkins to improve release cycles and reduce vulnerabilities.
5 min
InsightAppSec
New Azure DevOps Pipelines Extension for InsightAppSec Helps Improve Web App Security
Rapid7 is excited to announce the release of a new extension to incorporate InsightAppSec within Azure DevOps Pipelines.
3 min
Application Security
Application Security Testing + Monitoring with DAST and RASP: A Two-Pronged Approach
For full coverage of your apps, you’ll require multiple application security solutions, such as DAST and RASP.
3 min
Application Security
DAST vs. SAST: Which solution is better?
Security and DevOps teams seemingly have to choose between speed and security. We think there's a better way.
7 min
Application Security
Hidden Helpers: Security-Focused HTTP Headers
This blog includes real-world scenarios in which attackers can manipulate unsecured HTTP headers and how to prevent your organization from falling victim.
4 min
InsightAppSec
How InsightAppSec Can Help You Improve Your Approach to Application Security
In this post, we’ll explore why modern apps require modern testing and how our DAST tool, InsightAppSec, is leading the way with the most sought-after needs for application security teams.
5 min
Application Security
How to Choose the Right Application Security Tool for Your Organization
In this post, we’re taking a look at the various application security testing technologies and how to determine which is best for your organization.
5 min
Application Security
5 Considerations When Creating an Application Security Program
In this blog, we explain how to address application security within your organization and how this translates into building better code.
3 min
Application Security
Single-Page Applications: The Journey So Far
While modern web application technology has made apps more useful, it's also made them harder to secure.
1 min
Application Security
Rapid7 Acquires Leading Web Application Security Provider, tCell
Today, Rapid7 announced the acquisition of tCell, a leading provider of web application threat defense and monitoring. We are so excited to have tCell join the Rapid7 family!
5 min
InsightAppSec
New Features: Rapid7 Launches Public API For InsightAppSec
Rapid7 is pleased to announce the newest addition to your application security toolkit on the Rapid7 Insight platform: the public API in our DAST solution, InsightAppSec.
3 min
InsightAppSec
Scan Management with InsightAppSec: There’s More to Application Security than Long Lists of Vulnerabilities
Knowing what you are scanning, how often, and with how much success is vital to knowing your vulnerability data is accurate, up-to-date, and reflects your security position. InsightAppSec can help.
3 min
Application Security
In Our Customers’ Words: Why Mastering Application Security Basics Matters
In a recent conversation with a Rapid7 application security customer, I was
reminded how much of a security practitioner’s day can be consumed by
troubleshooting buggy tools and manually executing the same tasks over and over
again (needlessly, may I add). As much as we’d like to think that security
professionals’ time is being efficiently utilized, oftentimes inadequate tools,
a lack of automation, and organizational silos impede SecOps-driven
[https://www.rapid7.com/solutions/secops/] progress
2 min
Application Security
New InsightAppSec Releases: Compliance Reports and the AppSec Toolkit
Things are always brewing in Rapid7 product development. Today, we’re excited to
announce several exciting new features in InsightAppSec, our cloud-powered
application security testing solution for modern web apps
[https://www.rapid7.com/products/insightappsec/].
These include:
* Custom reports for PCI, HIPAA, SOX, and OWASP 2017 compliance requirements
* PDF report generation
* The Rapid7 AppSec Toolkit * Macro Recorder
* Traffic Viewer
* RegEx Builder
* Swagger/Rest API Utilit