Welcome to InsightAppSec

InsightAppSec is part of Rapid7's security suite, providing Dynamic Application Security Testing (DAST) for mature and maturing Application Security professionals. Apps are becoming more and more complex, relying on JavaScript frameworks such as React and Angular that provide a richer experience and an easier path to full feature sets, but that also make those apps harder to secure.

App-centric design

An App portfolio is a complex beast. Some are external; some are internal. Some are updated often; others gather dust for years. Each has a personality, and users manage them based on the business context.

Apps interface in InsightAppSec

InsightAppSec puts your Apps front and center in the "Apps" screen. From this screen you can add new Apps, manage existing Apps, and easily monitor your App portfolio for critical vulnerabilities that may lead to a breach.

AppSec simplified

Application security is hard, but using application security tools shouldn't be. Application security scans come with a thousand options, but InsightAppSec ships with system defaults based on Rapid7's years of application security experience, so that you can spend your time focusing on remediating vulnerabilities. In cases where you need to choose between speed and comprehensiveness, InsightAppSec also provides you with a really simple Scan Configuration Wizard, so you can customize your scans according to the unique needs of your organization.

Usage and management

To access the application, navigate to https://insight.rapid7.com and enter the credentials provided by your organization's administrator.


  • Google Chrome (latest) (RECOMMENDED)
  • Mozilla Firefox (latest)
  • Mozilla Firefox ESR (latest)
  • Microsoft Edge (latest)

After you log in, we recommend that you review your profile by going to the Administration page and clicking on the Manage link under the Profile panel. The My Profile page lets you change your personal details, password and time zone. The time zone option is especially useful in scheduling scans and blackouts accurately.