Platform
- TECHNOLOGY
  The Rapid7 Command Platform
  AI-Powered Cybersecurity Platform
  Start Trial
Products
- NEW!
  Surface Command
  Unlock a continuous 360° view of your attack surface
  FREE TRIAL
- DETECTION & RESPONSE
- Next-Gen SIEM
  INSIGHTIDR
- Threat Intelligence
  THREAT COMMAND
Services
- MXDR
  Managed Threat Complete
  24x7 MXDR to secure your extended ecosystem
  Request Demo
- DETECTION & RESPONSE
- Managed XDR
  MANAGED THREAT COMPLETE
- Incident Response Services
  EXPERIENCING A BREACH?
Resources
- NEW
  The Take Command Summit is back!
  Our largest virtual event returns Apr. 9
  Register
Company
Partners
Sign In

All Products

Platform
- TECHNOLOGY
  The Rapid7 Command Platform
  AI-Powered Cybersecurity Platform
  Start Trial
Products
- NEW!
  Surface Command
  Unlock a continuous 360° view of your attack surface
  FREE TRIAL
- DETECTION & RESPONSE
- Next-Gen SIEM
  INSIGHTIDR
- Threat Intelligence
  THREAT COMMAND
Services
- MXDR
  Managed Threat Complete
  24x7 MXDR to secure your extended ecosystem
  Request Demo
- DETECTION & RESPONSE
- Managed XDR
  MANAGED THREAT COMPLETE
- Incident Response Services
  EXPERIENCING A BREACH?
Resources
- NEW
  The Take Command Summit is back!
  Our largest virtual event returns Apr. 9
  Register
Company
Partners

Sign In

Documentation
All Products
Release Notes

Release Notes

Insight Product Release Notes

InsightVM
InsightIDR
InsightAppSec
InsightConnect
InsightCloudSec
tCell
Threat Command

More Release Notes

Metasploit
AppSpider Pro
AppSpider Enterprise
Komand
Nexpose
Insight Agent
Insight Network Sensor
InsightOps

InsightAppSec Release Notes

May 23, 2025

This document is no longer updated as of May 23, 2025. Read new release notes in the Command Platform Help.

May 16, 20252025.05.16

Enhancements to crawling/scanning with R7Crawler improvements including technology analysis, Chromium integration, and macro headers. Scan engine stability and responsiveness improvements. OTP support in ChromeHost macros. Password exposure check enhancements, NodeJS update, report config options, PCI 4.0 mapping, CSP meta tag handling, and ChromeDriver upgrade.

Mar 10, 20252025.03.10

This engine release includes Macro based HOTP/TOTP Authentication, enhancements to the SSL Strength and Swagger UI DOM Based attack modules. In addition, we have added enhanced Proxy support capabilities. It also includes various R7Crawler and ChromeHost improvements.

Jan 30, 20252025.01.30

This engine release includes enhancements to the BSQL Injection, File Inclusion and SSL Strength Modules. It also includes various R7Crawler and ChromeHost improvements.

Nov 28, 20242024.11.28

This engine release includes enhancements to the XSS severity when Content-Type is application/json. It also includes R7Crawler improvements, as well as various improvements and fixes for Automated Login Finder (ALF).

Oct 31, 20242024.10.31

This engine release includes enhancements to the HTTP Headers, the X-Powered-By HTTP Header and Server Configuration modules. It also includes Macro playback improvements, as well as various improvements and fixes for Automated Login Finder (ALF).

Sep 30, 20242024.09.30

This engine release includes enhancements to the Information Disclosure module, the XSS_DOM attack, Passive attacks, and PCI, as well as various improvements and fixes.

Sep 24, 20242024.09.24

This engine release includes new payload to the Information Disclosure module, the inclusion of ALF traffic in the traffic metadata log, as well as various improvements and fixes.