Rapid7 Enhances Exposure Command with New Cloud Security Capabilities, Introducing Runtime Validation and Data Security Posture Management

Rapid7 enhances Exposure Command with cloud security features for proactive risk management and continuous validation of vulnerabilities.

Quiver AI Summary

Rapid7, Inc. has announced new cloud security features for its Exposure Command platform, enhancing its capabilities in managing cybersecurity risks in hybrid and multi-cloud environments. The new functionalities incorporate runtime validation and Data Security Posture Management (DSPM), allowing organizations to more effectively identify and prioritize exploitable risks based on actual attack paths and their business impact. The enhancements enable continuous validation of vulnerabilities and misconfigurations, alongside automated incident response actions to mitigate threats in real time. These improvements reflect a shift from reactive to proactive security measures, assisting teams in focusing on the most significant exposures to strengthen their defenses. Rapid7 will showcase these advancements, along with its Managed Detection and Response services, at the RSAC 2026 Conference in San Francisco later this month.

Potential Positives

Rapid7 has enhanced its Exposure Command solution with new cloud security capabilities, including runtime validation and Data Security Posture Management (DSPM), addressing the growing need for proactive risk management in hybrid and multi-cloud environments.
The introduction of automated cloud incident response capabilities allows organizations to respond to threats in real-time, effectively reducing the potential impact of attacks.
Rapid7's Recognition as a Leader in the 2025 Gartner Magic Quadrant for Exposure Assessment Platforms positions the company favorably in the cybersecurity market, signaling strong industry credibility and innovation.
The upcoming demonstrations at the RSAC 2026 Conference provide Rapid7 with a platform to showcase its advancements and engage with key stakeholders in the cybersecurity field.

Potential Negatives

The release focuses heavily on new features in their Exposure Command solution, which may suggest previous offerings were lacking or inadequate in addressing significant security concerns.
Rapid7's dependence on the continuous validation approach may raise concerns about the effectiveness of prior reactive models and the necessity of a shift, potentially signaling weaknesses in their earlier security strategies.
The complexity of monitoring AI-driven workloads and adapting to highly unpredictable environments may indicate challenges in maintaining robust security—potentially suggesting an increased risk for clients adopting these technologies.

FAQ

What are the new features in Rapid7's Exposure Command?

Rapid7 introduced runtime validation and Data Security Posture Management (DSPM) to enhance its Exposure Command capabilities.

How does runtime validation improve cloud security?

Runtime validation identifies actively exploitable vulnerabilities and misconfigurations, enabling proactive risk management in cloud environments.

What is Data Security Posture Management (DSPM)?

DSPM provides context by mapping sensitive data and identity access to real-world attack paths, enhancing risk prioritization.

Where can I learn more about Exposure Command?

More information about Exposure Command can be found at Rapid7's website: https://www.rapid7.com/products/command/exposure-management/.

When and where is Rapid7 demonstrating its new capabilities?

Rapid7 will showcase its new cloud security features at the RSAC 2026 Conference in San Francisco, from March 23-26.

Disclaimer: This is an AI-generated summary of a press release distributed by GlobeNewswire. The model used to summarize this release may make mistakes. See the full release here.

$RPD Insider Trading Activity

$RPD insiders have traded $RPD stock on the open market 9 times in the past 6 months. Of those trades, 5 have been purchases and 4 have been sales.

Here’s a breakdown of recent trading of $RPD stock by insiders over the last 6 months:

PARTNERS MANAGEMENT, LP JANA purchased 41,545 shares for an estimated $652,671
COREY E. THOMAS (CEO) purchased 14,500 shares for an estimated $200,390
THOMAS E SCHODORF purchased 6,300 shares for an estimated $98,910
SCOTT M MURPHY (Chief Accounting Officer) has made 0 purchases and 4 sales selling 4,227 shares for an estimated $52,866.
MARC EVAN BROWN purchased 3,000 shares for an estimated $45,630
MIKE BURNS purchased 2,000 shares for an estimated $27,600

To track insider transactions, check out Quiver Quantitative's insider trading dashboard.

$RPD Revenue

$RPD had revenues of $217.4M in Q4 2025. This is an increase of 0.52% from the same period in the prior year.

You can track RPD financials on Quiver Quantitative's RPD stock page.

$RPD Hedge Fund Activity

We have seen 135 institutional investors add shares of $RPD stock to their portfolio, and 154 decrease their positions in their most recent quarter.

Here are some of the largest recent moves:

UBS AM, A DISTINCT BUSINESS UNIT OF UBS ASSET MANAGEMENT AMERICAS LLC removed 4,516,032 shares (-76.2%) from their portfolio in Q4 2025, for an estimated $68,643,686
PENSERRA CAPITAL MANAGEMENT LLC added 1,357,794 shares (+50.6%) to their portfolio in Q4 2025, for an estimated $20,638,468
MIRAE ASSET GLOBAL ETFS HOLDINGS LTD. removed 863,489 shares (-39.8%) from their portfolio in Q4 2025, for an estimated $13,125,032
HAWK RIDGE CAPITAL MANAGEMENT LP removed 835,618 shares (-100.0%) from their portfolio in Q4 2025, for an estimated $12,701,393
FIRST TRUST ADVISORS LP added 758,009 shares (+48.3%) to their portfolio in Q4 2025, for an estimated $11,521,736
VANGUARD GROUP INC added 653,498 shares (+7.6%) to their portfolio in Q4 2025, for an estimated $9,933,169
SG AMERICAS SECURITIES, LLC added 573,069 shares (+1788.2%) to their portfolio in Q4 2025, for an estimated $8,710,648

To track hedge funds' stock portfolios, check out Quiver Quantitative's institutional holdings dashboard.

$RPD Analyst Ratings

Wall Street analysts have issued reports on $RPD in the last several months. We have seen 1 firms issue buy ratings on the stock, and 0 firms issue sell ratings.

Here are some recent analyst ratings:

UBS issued a "Buy" rating on 10/21/2025

To track analyst ratings and price targets for $RPD, check out Quiver Quantitative's $RPD forecast page.

$RPD Price Targets

Multiple analysts have issued price targets for $RPD recently. We have seen 15 analysts offer price targets for $RPD in the last 6 months, with a median target of $11.5.

Here are some recent targets:

Saket Kalia from Barclays set a target price of $8.0 on 02/12/2026
Fatima Boolani from Citigroup set a target price of $11.5 on 02/12/2026
Rudy Kessinger from DA Davidson set a target price of $6.5 on 02/11/2026
Rob Owens from Piper Sandler set a target price of $10.0 on 02/11/2026
Matthew Hedberg from RBC Capital set a target price of $12.0 on 02/11/2026
Gregg Moskowitz from Mizuho set a target price of $12.0 on 02/11/2026
Junaid Siddiqui from Truist Securities set a target price of $8.0 on 02/11/2026

Full Release

BOSTON, March 19, 2026 (GLOBE NEWSWIRE) -- Rapid7, Inc. (NASDAQ: RPD), a global leader in AI-powered managed cybersecurity operations, announced new cloud security capabilities within Exposure Command, its industry-leading exposure management solution. The introduction of runtime validation and Data Security Posture Management (DSPM) enables organizations to identify, validate, and prioritize exploitable risk based on real-world attack paths and business impact.

As organizations scale hybrid and multi-cloud environments, security programs must move beyond reactive models built on assessment alone. With runtime validation and DSPM, Rapid7 advances Exposure Command from continuous assessment to continuous validation, enabling proactive exposure reduction across hybrid environments. Runtime validation determines which vulnerabilities and misconfigurations are actively exploitable, while DSPM provides critical context by mapping sensitive data and identity access to real-world attack paths that increase risk.

“True cloud risk happens at the intersection of vulnerabilities, identities, and sensitive data in production,” said Craig Adams, chief product officer at Rapid7. “By embedding runtime validation and data context into Exposure Command, we enable security teams to identify the exposures that pose the greatest risk and prioritize remediation earlier, strengthening resilience before those risks translate into breach impact.”

Rapid7’s new cloud security capabilities in Exposure Command include:

Continuous visibility at runtime: Analyze live cloud workloads and validate which vulnerabilities and misconfigurations are actively exploitable. Leveraging eBPF-based sensors and AI-to-baseline application behavior, the solution correlates runtime signals with posture findings and business context.
Continuous monitoring of AI-driven workloads: Detect and neutralize deviations in highly complex, unpredictable cloud environments by continuously monitoring AI agents. Going beyond static vulnerability scoring, this validates which exposures are active across AI workloads.
Automated cloud incident response: Initiate automated remediation actions once a threat is detected and validated. Steps include pausing, quarantining, or killing processes to neutralize and reduce the blast radius of any attack.
Data aware risk prioritization: Align sensitive data intelligence with attacker reachability to continuously discover and classify sensitive data and map identity access across cloud, SaaS, and hybrid environments. This shows whether high-value data is realistically reachable through real-world attack paths, enabling remediation decisions based on breach impact rather than vulnerability severity alone.

Together, runtime validation and DSPM enhance Exposure Command’s ability to identify and prioritize exploitable risk, enabling organizations to continuously detect and remediate active exposures before they become legitimate threats.

To learn more about Exposure Command, a Leader in the 2025 Gartner ^® Magic Quadrant™ for Exposure Assessment Platforms , visit https://www.rapid7.com/products/command/exposure-management/ .

Rapid7 will be demonstrating the new cloud security capabilities, recent innovations in our Managed Detection and Response (MDR) service, and the full capabilities of Exposure Command live at the RSAC 2026 Conference in San Francisco, March 23-26, booth #S-3201.

Rapid7 will also present the following sessions at the conference:

Exploiting Cellular IoT Pathways to Compromise Trusted Access - Deral Heiland, Principal Security Researcher, IoT - March 24, 1:15 PM - 2:05 PM PDT, Moscone West 2020
Sleeper Cells in the Telecom Backbone: Covert Ops - Christiaan Beek, VP of Cyber Intelligence - March 26, 12:20 PM - 1:10 PM PDT, Moscone West 2018

About Rapid7

Rapid7, Inc. (NASDAQ: RPD) is a global leader in AI-powered managed cybersecurity operations, trusted to advance organizations’ cyber resilience. Open and extensible, the Rapid7 Command Platform integrates security data, enriching it with AI, threat intelligence, and 25 years of expertise and innovation to reduce risk and disrupt attackers. As a recognized leader in preemptive managed detection and response (MDR), Rapid7 unifies exposure and detection to transform the cybersecurity operations of more than 11,500 customers worldwide. For more information, visit our website , check out our blog , or follow us on LinkedIn or X .

Rapid7 Media Relations
Alice Randall
Director, Global Communications
[email protected]
(857) 216-7804

Rapid7 Investor Contact
Matt Wells
Vice President, Investor Relations
[email protected]
(617) 865-4277