Trust

Rapid7 is on a mission to drive the SecOps movement into the future, and we take that to heart with our holistic approach to security. Rapid7 has policies and procedures in place to keep our data, platform, and products secure, so that we can continue creating tools and services that keep our customers secure.

Compliance

Our world class security program is driven by a blend of published standards and industry best practices:

Rest assured: Rapid7’s approach to security is established on four core pillars essential to trust.

Security


Rapid7’s platform and products are designed to fit securely into your environment and adhere to security best practices.

Availability


You have access to your data when you need it and our operational status is always up to date.

Privacy


Ensuring your data is used only in a manner consistent with your expectations is a responsibility we take very seriously.


Transparency


You have full visibility into where your data lives, who has access to it, and how it is used.



Have questions? We have answers.

Read What’s New on the Rapid7 Blog

Patch Tuesday - November 2024
4 zero-days. AD CS ESC15 aka EKUwu. NTLMv2 disclosure. Exchange sender spoofing. Task scheduler EoP. .NET & Kerberos critical RCEs. Welcome Server 2025.
Adam Barnett
Nov 12, 2024
Read More
Fortinet FortiManager CVE-2024-47575 Exploited in Zero-Day Attacks
On Wednesday, October 23, 2024, security company Fortinet published an advisory on CVE-2024-47575, a critical zero-day vulnerability affecting their FortiManager network management solution.
Caitlin Condon
Oct 23, 2024
Read More
Patch Tuesday - October 2024
5 zero-days. Configuration Manager pre-auth RCE. RDP RPC pre-auth RPC. Winlogon EoP. Hyper-V container escape. curl o-day RCE late patch. Management console zero-day RCE. Windows 11 lifecycle changes.
Adam Barnett
Oct 08, 2024
Read More

Rapid7 is trusted by over 11,000 customers