Rapid7 Trust

Security

Security at Rapid7 encompasses more than just our products. Rapid7 has policies and procedures in place to keep both our data and products secure, so that we can continue keeping our customers secure.

At Rapid7, we strive to create great teaming experiences for customers and make the most successful security technologies and practices accessible to all. It is our priority to ensure you have the information you need to trust Rapid7 as a security partner. We’ve created the trust page to give you access to the latest security information on Rapid7 and the Insight cloud when and where you need it. We have invested a significant amount of time creating this documentation in order to make your assessment process as efficient and effective as possible. If you still have questions after reviewing our documentation, we are happy to address them!

Information Security Documentation

Please select your Rapid7 product or service below to access the corresponding information security documentation.

Trust and Assurance Packet

Additionally, we’re able to provide our Trust and Assurance packet which contains a series of documents that provides an in-depth look at the measures we take to protect your data and maintain your trust. While the information above is specific to the security of Rapid7’s products and services,  the Trust and Assurance Packet,  contains our internal information security policies, contingency planning information, as well as third-party audit reports, and self assessment attestations of compliance. Please register to download the Rapid7 Trust and Assurance Package.

By clicking the ‘ACCEPT’ button to the right, you agree to the Nondisclosure Agreement, including its confidentiality obligations, and the Rapid7 Privacy Policy.

 

Vulnerability Handling and Disclosure

We work hard to ensure all our products are secure from the start, but we want to know if you find a vulnerability or other security flaw when using one of our products. As a provider of security software, services, and research, we strive to set an example with our coordinated vulnerability disclosure philosophy.

If you believe you have discovered a vulnerability in a Rapid7 product, please fill out this form so our security team can ensure the issue is addressed.

Read our full vulnerability disclosure policy

If you need to report a security incident or get in contact with Rapid7’s security team for some other reason, contact us at security@rapid7.com.

Please use our PGP public key - KeyID: 959D3EDA - if you feel the need to encrypt your communications with us.