3 min
AWS
Rapid7 Partners with AWS Security Hub for Deeper Vulnerability Reporting
Last month, we were thrilled to announce our integration with AWS Security Hub at AWS re:Invent.
5 min
InsightVM
Did You Remediate That? New InsightVM Executive Report Provides Key Details on Team Progress
We have developed the InsightVM Executive Report so that companies can easily report on month-over-month trends in their vulnerability management programs.
3 min
Azure
Azure Security Center and Active Directory Now Integrate with the Rapid7 Platform
Today, we announced
[https://www.rapid7.com/about/press-releases/rapid7-integrates-with-microsoft-azure/]
continued, more comprehensive development of the integration between the Rapid7
Insight platform and Microsoft Azure.
A new integration with Azure Security Center makes it easy to deploy the Rapid7
unified Insight Agent across new and existing Azure Virtual Machines. This
automated deployment enables InsightVM customers to maintain constant visibility
into the assets, vulnerabilities, and
3 min
Application Security
In Our Customers’ Words: Why Mastering Application Security Basics Matters
In a recent conversation with a Rapid7 application security customer, I was
reminded how much of a security practitioner’s day can be consumed by
troubleshooting buggy tools and manually executing the same tasks over and over
again (needlessly, may I add). As much as we’d like to think that security
professionals’ time is being efficiently utilized, oftentimes inadequate tools,
a lack of automation, and organizational silos impede SecOps-driven
[https://www.rapid7.com/solutions/secops/] progress
4 min
DevOps
How DevOps Can Use Quality Gates for Security Checks
Your team has been working at all hours to put the final touches on code for a
new big feature release. All the specs are in, the feature works as expected,
and the code is pushed to production. A few hours later, the daily security scan
runs and the alerts start piling in. What went wrong? And what do you do now?
Typically when this happens, it means rolling back the entire deployment,
retroactively fixing the bugs and vulnerabilities in the code, and a week or two
later, re-deploying. If you’
4 min
Application Security
3 Ways to Accelerate Web App Security Testing
It used to be that web application security testing
[https://www.rapid7.com/solutions/application-security/] was the job of just the
security team. Today, it is becoming a much more integrative function,
especially for organizations who have adopted DevOps. Development cycles have
become shorter and features are released more frequently for companies to stay
competitive. Trouble is, with shorter development cycles, security needs a way
to keep up. After all, there’s little value in running fast
2 min
InsightAppSec
How to Scan Your Own Application with the InsightAppSec Free Trial
We think this is pretty sweet news. You asked, we built it—now you can scan one
of your own applications with an InsightAppSec trial!
But before you start scanning your own application with the InsightAppSec free
trial [https://www.rapid7.com/try/insightappsec], you’ll need to validate your
application’s domain. This requires adding a custom-generated meta tag to your
application’s root path.
Let’s get started.
When adding your app to the InsightAppSec free trial, you’ll be given an option
to
2 min
InsightAppSec
Making the Dream Work: Teaming with Dev for Safer Production Apps
So you’ve read the reports outlining how important it is for developers and
security teams to work together to build web applications quickly and securely
[https://information.rapid7.com/sans-state-of-application-security-2017-report.html]
, you’ve scoured the web and have researched the importance of building a web
application program at your organization
[https://www.rapid7.com/solutions/application-security/], perhaps even watched
some videos talking about the evolution of web applications an
3 min
InsightAppSec
3 Questions to Ask When Prioritizing Web Application Vulnerabilities
Dynamic application security testing (DAST)
[https://www.rapid7.com/fundamentals/dast/] often results in a constantly
evolving list of security vulnerabilities. When scanning a web application
[https://www.rapid7.com/fundamentals/web-application-security/] in production or
in an active testing environment, issues can crop up as quickly as changes
happen within the app. And when exposed to the internet itself, there are many
more ways in which security vulnerabilities
[https://www.rapid7.com/fund
4 min
Application Security
4 Differences Between Network Security & Application Security
Tomato, tomato, potato, potato, network security
[https://www.rapid7.com/fundamentals/what-is-network-security/] and web
application security
[https://www.rapid7.com/fundamentals/web-application-security/]. Two things that
may seem similar, they are actually quite different. Network security (also
known as vulnerability assessment or vulnerability management
[https://www.rapid7.com/solutions/vulnerability-management/]) has been around
for quite some time and is something most security practition
3 min
InsightAppSec
InsightAppSec Feature Highlights: On-Premise Engines, JIRA Integration, and More
Powerful Yet Simple DAST Scanning Gets Even Better
InsightAppSec [https://www.rapid7.com/products/insightappsec/], Rapid7’s
cloud-powered web application security testing solution
[https://www.rapid7.com/solutions/application-security/], has added three
powerful new features:
* On-premise scan engines
* JIRA integration
* Scan Activity view
Test Your Internal Applications and Reduce Your Risk
Web application security testing
[https://www.rapid7.com/fundamentals/web-application-security-test
2 min
Application Security
Takeaways from 2017 SANS State of Application Security Survey
The training and research organization SANS recently released their 2017 State
of Application Security survey results. The new report proves that now, more
than ever, organizations need to invest in solutions that automate application
security testing [https://www.rapid7.com/solutions/application-security/] in
order to reap benefits like:
* Identifying security vulnerabilities earlier in the development cycle, when
they’re cheaper to fix.
* Reduced friction between Security and Development
2 min
Introducing InsightAppSec: Cloud-powered Application Security Testing
Rapid7 announces today the launch of InsightAppSec
[https://www.rapid7.com/products/insightappsec/], the newest product to be
delivered on the Insight platform
[https://www.rapid7.com/products/insight-platform/].
InsightAppSec combines the power and accuracy of Rapid7's industry-leading and
proven Dynamic Application Security Testing (DAST) engine with the quick
deployment, scalability, and ease-of-use of the Insight platform, enabling
security teams to quickly identify the critical security ga