Trust

Rapid7 is on a mission to drive the SecOps movement into the future, and we take that to heart with our holistic approach to security. Rapid7 has policies and procedures in place to keep our data, platform, and products secure, so that we can continue creating tools and services that keep our customers secure.

Compliance

Our world class security program is driven by a blend of published standards and industry best practices:

Rest assured: Rapid7’s approach to security is established on four core pillars essential to trust.

Security


Rapid7’s platform and products are designed to fit securely into your environment and adhere to security best practices.

Availability


You have access to your data when you need it and our operational status is always up to date.

Privacy


Ensuring your data is used only in a manner consistent with your expectations is a responsibility we take very seriously.


Transparency


You have full visibility into where your data lives, who has access to it, and how it is used.



Have questions? We have answers.

Read What’s New on the Rapid7 Blog

CVE-2024-3400: Critical Command Injection Vulnerability in Palo Alto Networks Firewalls
On Friday, April 12, Palo Alto Networks published an advisory on CVE-2024-3400, a CVSS 10 vulnerability in several versions of PAN-OS, the operating system that runs on the company’s firewalls. CVE-2024-3400 allows for arbitrary code execution as root.
Caitlin Condon
Apr 12, 2024
Read More
Patch Tuesday - April 2024
One late-breaking zero-day vuln. Defender for IoT critical RCEs. Dozens of SQL OLE DB driver RCEs. Microsoft adds CWE and Vector String Source to advisories.
Adam Barnett
Apr 09, 2024
Read More
Rapid7 offers continued vulnerability coverage in the face of NVD delays
Recently, the US National Institute of Standards and Technology (NIST) announced on the National Vulnerability Database (NVD) site [http://nvd.nist.gov/] that there would be delays in adding information on newly published CVEs. NVD enriches CVEs with basic details about a vulnerability like the vulnerability’s CVSS score, software products impacted by a CVE, information on the bug, patching status, etc. Since February 12th, 2024, NVD has largely stopped enriching vulnerabilities. Given the bro
Tyler Terenzoni
Mar 18, 2024
Read More

Rapid7 is trusted by over 11,000 customers

" class="hidden">欧林雅官网