Over the last six months we’ve delivered significant advancements across the Command Platform, as well as received recognition as a Leader in Exposure Management and Managed Detection and Response (MDR) analyst reports. From launching new AI-driven capabilities – including our new next-gen SIEM Incident Command – to introducing real-time visibility into organizational risk with enhanced dashboarding, we continued to innovate in ways that support faster, more confident decision making. Explore the highlights of what we’ve been up to below.
Exposure Management: Prioritize risk across your attack surface
Rapid7 named a Leader in the 2025 Gartner® Magic Quadrant™ for Exposure Assessment Platforms
Rapid7 was recognized as a Leader in the inaugural 2025 Gartner® Magic Quadrant™ for Exposure Assessment Platforms (EAP). We believe this reflects our ability to help customers continuously understand, prioritize, and reduce risk across their hybrid environments. Exposure Command brings unified visibility, attacker-aware prioritization, and guided remediation together in one platform, enabling teams to make faster, more confident decisions with validated, business-aligned risk insights. Check out our recent blog post to learn more.
Remediate vulnerabilities faster with AI-generated Risk Intelligence
Prioritizing remediation is difficult when teams are flooded with CVEs and lack actionable context about real-world risk. We introduced AI-generated risk intelligence within Remediation Hub to help teams focus on the vulnerabilities that matter most and drive faster, more consistent risk reduction by distilling exploitability, business impact, toxic combinations, and patchability into clear summaries and guided actions. Check out our recent blog post to learn more.
⠀
AI-generated Remediation Summary in Remediation Hub
Gain real-time visibility and communicate progress with the Exposure Management Dashboard
To effectively plan, track, and communicate exposure reduction, teams need a clear, real-time view of their security posture. The new Exposure Management Dashboard provides this view with an at-a-glance snapshot of asset coverage, exposure trends, and remediation progress — ideal for quarterly planning cycles and board-level reporting. Exportable views make it easy to justify investment decisions, demonstrate measurable improvements, and show how tool consolidation is strengthening your security program. Learn more in our recent blog.
⠀
Exposure Management Dashboard, built to give you a real-time view of organizational risk
Validate real cloud exposures with Public Exposure Validation
When cloud configurations drift or controls degrade, it’s critical to know which assets are actually exposed to the public internet. Public Exposure Validation confirms externally reachable cloud resources using real external scans, reducing noise and eliminating theoretical findings.
Teams gain clearer visibility into true attack paths, shorten investigation cycles, and validate that remediation efforts are closing real gaps. This strengthens their posture with evidence, not assumptions. Learn more in our recent blog.
Keep external visibility accurate with Dynamic EASM Discovery
Accurate external discovery depends on seeds that reflect what’s truly exposed. But static seed lists can quickly become outdated. Dynamic EASM Discovery continuously pulls domains and public IP ranges from authoritative sources such as MarkMonitor, NetBox, and Rapid7 AppSec, ensuring your discovery scope stays current without manual upkeep.
This eliminates blind spots, keeps external inventories aligned with real-world change, and strengthens CTEM outcomes by grounding scope, discovery, and prioritization in real-time data rather than spreadsheets. See our recent blog on Dynamic EASM Discovery to learn more.
Detection and Response: Transform your SOC operations
Rapid7 named a Leader in the 2025 Frost Radar™ for Managed Detection and Response
In addition to being named a Leader in Exposure Assessment, we’re proud to share that we have also received this recognition for Managed Detection and Response with Frost & Sullivan recognizing Rapid7 as a Leader in the 2025 Frost Radar™ for MDR, based on innovation and growth in a field of 120 evaluated vendors. The report highlights:
-
Rapid7’s AI-driven triage accuracy of 99.93%, which helps security teams close benign alerts and reclaim 200+ SOC hours per week
-
Our unified platform combining MDR with exposure management, threat hunting, and active remediation
-
180+ third-party integrations across endpoint, network, cloud, and identity
This recognition reinforces Rapid7’s commitment to proactive, outcome-driven security and delivering continuous innovation, transparent AI, and measurable value to customers. Learn more.
IDC publishes its Business Value of Rapid7 MDR Study
IDC recently published its Business Value of Rapid7 MDR study, highlighting how customers can achieve a 422% three-year ROI, a 5-month payback period, and an impressive range of additional security outcomes delivered through Rapid7 Managed Detection and Response. The study found that Rapid7 MDR significantly reduced the chances of major security incidents and improved the speed to identify threats for customers – translating to both risk reduction and cost savings. Learn more about the study in our blog or download the full report.
New third party event sources available for Rapid7 SOC management
For organizations to stay secure, they need visibility across their entire attack surface. With recent third party event source expansions, our Rapid7 SOC can now manage PAN Cortex XDR, Okta Identity, and Google Security Command Center alerts as a part of our MDR and Managed Threat Complete offerings. This reinforces our defense-in-depth approach, in which Rapid7 collects, correlates, and maps native and third party telemetry to the MITRE ATT&CK framework, providing expanded visibility and greater protection across your entire attack surface. Learn more about SOC-supported third-party event sources here.
Introducing Incident Command
In July we announced our new AI-powered, next-gen SIEM, Incident Command. Designed to transform how security teams manage investigations and response, Incident Command automates manual tasks and guides analysts through complex workflows — accelerating triage, providing real-time recommended actions, and unifying critical context across alerts and incidents.
Backed with generative AI, our next-gen SIEM helps teams reduce mean time to respond (MTTR), improve consistency, and scale security operations without adding headcount. Learn more about what Incident Command can do for your team here.
⠀
The Incident Command Home Page brings critical SOC analyst tools together into a singular, actionable view
Rapid7 recognized for the 7th consecutive year in Gartner® Magic Quadrant™ for SIEM
Rapid7 has been recognized in the 2025 Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM), proof of our continued focus on helping security teams work smarter, respond faster, and stay ahead of evolving threats. This year’s report explores how SIEMs are transforming to meet the demands of modern, hybrid environments with greater automation, stronger analytics, and improved efficiency across security operations. We believe our inclusion underscores our commitment to delivering speed, transparency, and extensibility with our next-gen SIEM. Read the report for more insights.
InsightGovCloud: Trusted security for federal agencies
Rapid7 achieves FedRAMP authorization for InsightGovCloud platform
Our achievement of FedRAMP Authorization to Operate (ATO) underscores our commitment to delivering secure, trusted cloud security solutions for federal agencies. The InsightGovCloud Platform provides government customers with vetted capabilities for vulnerability management, cloud security posture, and threat detection, meeting the rigorous standards required to protect sensitive federal environments, while enabling faster, more efficient security operations. Learn more.
Rapid7 Labs: Uplevel your defenses with our latest cybersecurity intelligence and research findings
New research: Q3 2025 Threat Landscape Report
Our Threat Landscape Report provides an analysis of global adversary behavior drawn from Rapid7’s MDR operations, vulnerability intelligence, and threat research. Our latest Q3 2025 report outlines key trends that are shaping today’s threat environment – including AI-assisted attacks and the rapid operationalization of new vulnerabilities – offering clear guidance to help security teams anticipate emerging risks and strengthen defenses in an increasingly fast-evolving landscape. Read the report here.
Emergent threat response: Real-time guidance for critical threats
Rapid7’s Emergent Threat Response (ETR) program from Rapid7 Labs delivers fast, expert analysis and first-rate security content for the highest-priority security threats. In H2 2025, Rapid7’s ETR team provided expert analysis, content, and mitigation guidance for a variety of notable vulnerabilities, including:
Follow along here to see the latest emergent threat guidance from our team.
Technical assessments of CVEs in AttackerKB
Rapid7 researchers also publish additional vulnerability assessments in AttackerKB to help customers and the community understand and prioritize notable CVEs. Notable contributions from the back-half of 2025 include:
Stay tuned for more!
As always, we’re continuing to work on exciting product enhancements and releases throughout the year. Keep an eye on our blog and release notes as we continue to highlight the latest in product and service investments at Rapid7.
