3 min
Cybersecurity
What's Changed for Cybersecurity in Banking and Finance: New Study
The results of a new VMware study show a changing landscape for cybersecurity in banking and finance.
11 min
Application Security
XSS in JSON: Old-School Attacks for Modern Applications
This post highlights how cross-site scripting has adapted to today’s modern web applications, specifically the API and Javascript Object Notation (JSON).
4 min
Cloud Security
Cloud-Native Application Protection (CNAPP): What's Behind the Hype?
Is CNAPP a one-in-all answer to building secure apps in a cloud-first ecosystem, or is it part of a larger story? This post takes a closer look.
3 min
Application Security
Rapid7 Named a Visionary in 2022 Magic Quadrant™ for Application Security Testing Second Year in a Row
For the second year in a row, Rapid7 has been named a Visionary in the Gartner® 2022 Magic Quadrant for Application Security Testing.
3 min
Application Security
Securing Your Applications Against Spring4Shell (CVE-2022-22965)
In this blog, we wanted to share some recent product enhancements across our application security portfolio to help our customers with easy ways to test and secure their apps against Spring4Shell.
2 min
Application Security
InsightAppSec GitHub Integration Keeps Risky Code From Reaching Production
The new GitHub Actions integration in InsightAppSec allows security and development teams to automate DAST as part of the CI/CD build pipeline workflow.
5 min
Threat Intel
For Health Insurance Companies, Web Apps Can Be an Open Wound
Misconfigured web apps can leave your defenses wide open. Here's how health insurance providers can harden their web app security and protect their data.
7 min
Application Security
How InsightAppSec Detects Log4Shell: Your Questions Answered
In this post, we talk about our response to CVE-2021-44228 (a.k.a. Log4Shell) with the Rapid7 InsightAppSec platform.
3 min
Application Security
A December to Remember — Or, How We Improved InsightAppSec in Q4 in the Midst of Log4Shell
We wanted to take a moment to recap some of InsightAppSec and tCell's Q4 highlights and give us all a little much-deserved break from the madness.
3 min
Application Security
Test for Log4Shell With InsightAppSec Using New Functionality
In this blog, we share how Rapid7 customers can test for Log4Shell with InsightAppSec.
3 min
Application Security
How to Protect Your Applications Against Log4Shell With tCell
Let’s walk through the various ways tCell can help our customers protect against Log4Shell attacks.
2 min
Application Security
A Dream Team-Up: Integrate InsightAppSec With ServiceNow ITSM
A brand-new integration between InsightAppSec and ServiceNow makes it easier to create tickets for vulnerability scans and remediation.
3 min
Application Security
OWASP Top 10 Deep Dive: Identification and Authentication Failures
Security pros have made progress in mitigating identification and authentication failures — but that doesn't mean we can takes our eyes off the ball.
7 min
Application Security
OWASP Top 10 Deep Dive: Defending Against Server-Side Request Forgery
In this post, we'll focus on server-side request forgery (SSRF), which comes in at number 10 on the updated OWASP Top 10 list.
3 min
Application Security
tCell by Rapid7 Supports the Newly Released .NET 6.0
We’re excited to share that we've coordinated our recent .NET and .NET Core agent releases with the brand new .NET 6.0 release from Microsoft.