Rapid7 Trust

Compliance

Rapid7 strives to maintain a world-class security program driven by a blend of published standards and industry best practices.

SOC 2 Type II

Rapid7 undergoes a SOC 2 Type II audit annually to ensure the effectiveness of controls relevant to security.

EU General Data Protection Regulation (GDPR)

The European Union’s (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. GDPR imposes new obligations in relation to the processing, storage, and transmission of personal data of individuals residing in the EU. With customers around the world, Rapid7 has implemented controls across our organization to achieve and maintain compliance with this new framework.

Rapid7 has appointed a Data Protection Officer, who is reachable at privacy@ngskmc-eis.net, and our Data Processing Addendum has been incorporated into our standard contracts. For more information please review our Privacy Policy.

For information on personal data transfers and Brexit, please read our statement.

 

EU-U.S. Privacy Shield Framework

Rapid7 participates in and has certified compliance with the EU-U.S. Privacy Shield Framework. Rapid7 is responsible for the processing of personal data it receives under the Privacy Shield Framework, and subsequent transfers to a third party acting as an agent on its behalf. Rapid7 complies with the Privacy Shield Principles for all transfers of personal data from the European Economic Area (“EEA”), including the onward transfer liability provisions. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.

Sarbanes-Oxley Act

The Sarbanes-Oxley Act was enacted by the United States Congress in 2002 to protect shareholders and the general public from accounting errors and fraudulent practices in enterprises, and to improve the accuracy of corporate disclosures. Rapid7 is a publicly traded company and undergoes SOX audits on an annual basis to ensure our internal control system is well structured and operating effectively.

Amazon Web Services (AWS) Security Competency

Achieving the Amazon Web Services (AWS) Security Competency differentiates Rapid7 as an AWS Partner Network (APN) member that offers specialized software designed to help organizations adopt, develop and deploy complex security projects on AWS. To receive the designation, APN partners must possess deep AWS expertise and deliver solutions seamlessly on AWS.

ISO 27001 by Schellman

ISO 27001 is an international standard for effectively managing information security. The standard was originally published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005, revised in 2013, and again in 2022. It details requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS).

Rapid7’s ISMS is ISO 27001 certified. The ISO 27001 certification process includes a rigorous audit conducted by a third party. Rapid7’s ISMS is audited by Schellman. Certified organizations must undergo annual audits to maintain compliance.

 

Insight platform cloud infrastructure provider

The Rapid7 Insight cloud infrastructure is hosted in AWS. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. We review Amazon’s relevant reports as part of our vendor management program and audit process. If you would like to access Amazon's reports, including SOC 2, SOC 3, FedRAMP Partner Package, and ISO 27001:2013 SoA, we can direct you to these documents through the AWS Artifact website.