Rapid7 is on a mission to drive the SecOps movement into the future, and we take that to heart with our holistic approach to security. Rapid7 has policies and procedures in place to keep our data, platform, and products secure, so that we can continue creating tools and services that keep our customers secure.


Our world class security program is driven by a blend of published standards and industry best practices:

Rest assured: Rapid7’s approach to security is established on four core pillars essential to trust.


Rapid7’s platform and products are designed to fit securely into your environment and adhere to security best practices.


You have access to your data when you need it and our operational status is always up to date.


Ensuring your data is used only in a manner consistent with your expectations is a responsibility we take very seriously.


You have full visibility into where your data lives, who has access to it, and how it is used.

Have questions? We have answers.

Trust FAQ

Read What’s New on the Rapid7 Blog

Vulnerability Management in the Cloud: Addressing the AWS Shared Responsibility Model
If you’re operating in the cloud, you may be familiar with the shared responsibility model. We often hear people say they think they’re inherently secure because they use the cloud and their cloud provider takes care of all security needs, but that’s not exactly true. While your cloud provider is responsible...
Aaron Sawitsky
Jan 22, 2020
Read More
Better Together: How to Collaborate to Drive Vulnerability Remediation Among Security, IT, and DevOps Teams
<!--kg-card-begin: markdown--> If you feel anxious about the amount of time it takes your organization to remediate vulnerabilities or find yourself spending significant time trying to influence your peers who perform the remediations, you’re not alone. These worries are extremely common among security...
Tori Sitcawich
Jan 21, 2020
Read More
Active Exploitation of Citrix NetScaler (CVE-2019-19781): What You Need to Know
<!--kg-card-begin: markdown--> On Dec. 17, 2019, a directory traversal vulnerability was announced in the Citrix Application Discovery Controller and Citrix Gateway, which would allow a remote, unauthenticated user to write a file to a location on disk. Affected products include: Citrix ADC and Citrix...
Derek Abdine
Jan 17, 2020
Read More

Rapid7 By The Numbers

Advancing Security Since
Valued Customers
Fortune 100 Friends
Assets Monitored
Petabytes of Data Processed
Ports Monitored Per IP
IPs Scanned