Rapid7 is on a mission to drive the SecOps movement into the future, and we take that to heart with our holistic approach to security. Rapid7 has policies and procedures in place to keep our data, platform, and products secure, so that we can continue creating tools and services that keep our customers secure.


Our world class security program is driven by a blend of published standards and industry best practices:

Rest assured: Rapid7’s approach to security is established on four core pillars essential to trust.


Rapid7’s platform and products are designed to fit securely into your environment and adhere to security best practices.


You have access to your data when you need it and our operational status is always up to date.


Ensuring your data is used only in a manner consistent with your expectations is a responsibility we take very seriously.


You have full visibility into where your data lives, who has access to it, and how it is used.

Have questions? We have answers.

Read What’s New on the Rapid7 Blog

Patch Tuesday - May 2023
A relatively light 49 vulnerabilities patched in May 2023, including a new entry method for BlackLotus bootkit malware.
Adam Barnett
May 09, 2023
Read More
Using Rapid7 Insight Agent and InsightVM Scan Assistant in Tandem
Rapid7 Insight Agent and InsightVM Scan Assistant can improve visibility into your environment. This article explores how and when to use each.
John Hartman
Apr 26, 2023
Read More
Patch Tuesday - April 2023
114 vulnerabilities patched, including a zero-day driver-based LPE. Message Queueing Service RCE. End of support for 2013 products.
Adam Barnett
Apr 11, 2023
Read More

Rapid7 is trusted by over 11,000 customers