Rapid7 is on a mission to drive the SecOps movement into the future, and we take that to heart with our holistic approach to security. Rapid7 has policies and procedures in place to keep our data, platform, and products secure, so that we can continue creating tools and services that keep our customers secure.


Our world class security program is driven by a blend of published standards and industry best practices:

Rest assured: Rapid7’s approach to security is established on four core pillars essential to trust.


Rapid7’s platform and products are designed to fit securely into your environment and adhere to security best practices.


You have access to your data when you need it and our operational status is always up to date.


Ensuring your data is used only in a manner consistent with your expectations is a responsibility we take very seriously.


You have full visibility into where your data lives, who has access to it, and how it is used.

Have questions? We have answers.

Trust FAQ

Read What’s New on the Rapid7 Blog

Blocking User Access to Vulnerable Assets with CyberArk and InsightVM
It happens all the time—a company’s sensitive asset becomes vulnerable or falls out of compliance, then a user logs in to it and puts the company at risk of exploitation or breach. The solution to this is two-fold: First, you should be alerted when an asset falls out of compliance or has a vulnerability....
Tori Sitcawich
Jun 19, 2019
Read More
Attack Surface Monitoring with Project Sonar
Why you should care about your expanding attack surface An attack surface in the realm of information security is the variety of ways a given asset can be interacted with and, therefore, potentially attacked. Maintaining a minimal attack surface is a fundamental part of any information security program....
Jon Hart
Jun 18, 2019
Read More
Patch Tuesday - June 2019
Nearing the halfway point of 2019, today's Patch Tuesday sees Microsoft fix 88 vulnerabilities, the highest count so far this year. Nothing this month seems "wormable" like the BlueKeep vulnerability patched in May, and none of them have been seen exploited in the wild. However, four elevation of privilege...
Greg Wiseman
Jun 11, 2019
Read More

Rapid7 By The Numbers

Advancing Security Since
Valued Customers
Fortune 100 Friends
Assets Monitored
Petabytes of Data Processed
Ports Monitored Per IP
IPs Scanned