Rapid7 is on a mission to drive the SecOps movement into the future, and we take that to heart with our holistic approach to security. Rapid7 has policies and procedures in place to keep our data, platform, and products secure, so that we can continue creating tools and services that keep our customers secure.


Our world class security program is driven by a blend of published standards and industry best practices:

Rest assured: Rapid7’s approach to security is established on four core pillars essential to trust.


Rapid7’s platform and products are designed to fit securely into your environment and adhere to security best practices.


You have access to your data when you need it and our operational status is always up to date.


Ensuring your data is used only in a manner consistent with your expectations is a responsibility we take very seriously.


You have full visibility into where your data lives, who has access to it, and how it is used.

Have questions? We have answers.

Trust FAQ

Read What’s New on the Rapid7 Blog

Patch Tuesday - August 2019
First off, the big news for today's Patch Tuesday: Microsoft has fixed four new Remote Desktop Services (RDS) vulnerabilities, reminiscent of the BlueKeep vulnerability (CVE-2019-0708) that was patched last May. CVE-2019-1181 and CVE-2019-1182 both affect all supported versions of Windows, and can be...
Greg Wiseman
Aug 13, 2019
Read More
August 2019 Microsoft Remote Desktop Services (RDP) Patches: What You Need to Know
Deja vu all over again In a recent blog post we noted that attackers have been working on exploits for the “BlueKeep” RDP vulnerability for months and there has been a consistent, major uptick in opportunistic/malicious scanning for internet-facing RDP systems, including a few campaigns that have been...
boB Rudis
Aug 13, 2019
Read More
BlueKeep Exploits May Be Coming: Our Observations and Recommendations
Attacker activity Rapid7 Labs has observed a significant uptick in malicious RDP activity since the release of CVE-2019-0708 (A.K.A. “BlueKeep”). Figure 1 shows the total daily connections from known, non-benign sources. Current levels of malicious RDP activity are levels unseen since Rapid7 Labs deployed...
boB Rudis
Jul 31, 2019
Read More

Rapid7 By The Numbers

Advancing Security Since
Valued Customers
Fortune 100 Friends
Assets Monitored
Petabytes of Data Processed
Ports Monitored Per IP
IPs Scanned