Skip to main content

Rapid7 Advances Exposure Command with New Cloud Security Capabilities for Runtime Validation and Data Security Posture Management

Written by Customer Service on . Posted in Public Companies.

AI-driven runtime validation and data context strengthen proactive exposure reduction across hybrid environments

BOSTON, March 19, 2026 (GLOBE NEWSWIRE) — Rapid7, Inc. (NASDAQ: RPD), a global leader in AI-powered managed cybersecurity operations, announced new cloud security capabilities within Exposure Command, its industry-leading exposure management solution. The introduction of runtime validation and Data Security Posture Management (DSPM) enables organizations to identify, validate, and prioritize exploitable risk based on real-world attack paths and business impact.

As organizations scale hybrid and multi-cloud environments, security programs must move beyond reactive models built on assessment alone. With runtime validation and DSPM, Rapid7 advances Exposure Command from continuous assessment to continuous validation, enabling proactive exposure reduction across hybrid environments. Runtime validation determines which vulnerabilities and misconfigurations are actively exploitable, while DSPM provides critical context by mapping sensitive data and identity access to real-world attack paths that increase risk.

“True cloud risk happens at the intersection of vulnerabilities, identities, and sensitive data in production,” said Craig Adams, chief product officer at Rapid7. “By embedding runtime validation and data context into Exposure Command, we enable security teams to identify the exposures that pose the greatest risk and prioritize remediation earlier, strengthening resilience before those risks translate into breach impact.”

Rapid7’s new cloud security capabilities in Exposure Command include:

  • Continuous visibility at runtime: Analyze live cloud workloads and validate which vulnerabilities and misconfigurations are actively exploitable. Leveraging eBPF-based sensors and AI-to-baseline application behavior, the solution correlates runtime signals with posture findings and business context.
  • Continuous monitoring of AI-driven workloads: Detect and neutralize deviations in highly complex, unpredictable cloud environments by continuously monitoring AI agents. Going beyond static vulnerability scoring, this validates which exposures are active across AI workloads.
  • Automated cloud incident response: Initiate automated remediation actions once a threat is detected and validated. Steps include pausing, quarantining, or killing processes to neutralize and reduce the blast radius of any attack.
  • Data aware risk prioritization: Align sensitive data intelligence with attacker reachability to continuously discover and classify sensitive data and map identity access across cloud, SaaS, and hybrid environments. This shows whether high-value data is realistically reachable through real-world attack paths, enabling remediation decisions based on breach impact rather than vulnerability severity alone.

Together, runtime validation and DSPM enhance Exposure Command’s ability to identify and prioritize exploitable risk, enabling organizations to continuously detect and remediate active exposures before they become legitimate threats.

To learn more about Exposure Command, a Leader in the 2025 Gartner® Magic Quadrant™ for Exposure Assessment Platforms, visit https://www.rapid7.com/products/command/exposure-management/.

Rapid7 will be demonstrating the new cloud security capabilities, recent innovations in our Managed Detection and Response (MDR) service, and the full capabilities of Exposure Command live at the RSAC 2026 Conference in San Francisco, March 23-26, booth #S-3201.

Rapid7 will also present the following sessions at the conference:

About Rapid7

Rapid7, Inc. (NASDAQ: RPD) is a global leader in AI-powered managed cybersecurity operations, trusted to advance organizations’ cyber resilience. Open and extensible, the Rapid7 Command Platform integrates security data, enriching it with AI, threat intelligence, and 25 years of expertise and innovation to reduce risk and disrupt attackers. As a recognized leader in preemptive managed detection and response (MDR), Rapid7 unifies exposure and detection to transform the cybersecurity operations of more than 11,500 customers worldwide. For more information, visit our website, check out our blog, or follow us on LinkedIn or X.

Rapid7 Media Relations
Alice Randall
Director, Global Communications
press@rapid7.com
(857) 216-7804

Rapid7 Investor Contact
Matt Wells
Vice President, Investor Relations
investors@rapid7.com
(617) 865-4277

Disclaimer & Cookie Notice

Welcome to GOLDEA services for Professionals

Before you continue, please confirm the following:

Professional advisers only

I am a professional adviser and would like to visit the GOLDEA CAPITAL for Professionals website.

Important Notice for Investors:

The services and products offered by Goldalea Capital Ltd. are intended exclusively for professional market participants as defined by applicable laws and regulations. This typically includes institutional investors, qualified investors, and high-net-worth individuals who have sufficient knowledge, experience, resources, and independence to assess the risks of trading on their own.

No Investment Advice:

The information, analyses, and market data provided are for general information purposes only and do not constitute individual investment advice. They should not be construed as a basis for investment decisions and do not take into account the specific investment objectives, financial situation, or individual needs of any recipient.

High Risks:

Trading in financial instruments is associated with significant risks and may result in the complete loss of the invested capital. Goldalea Capital Ltd. accepts no liability for losses incurred as a result of the use of the information provided or the execution of transactions.

Sole Responsibility:

The decision to invest or not to invest is solely the responsibility of the investor. Investors should obtain comprehensive information about the risks involved before making any investment decision and, if necessary, seek independent advice.

No Guarantees:

Goldalea Capital Ltd. makes no warranties or representations as to the accuracy, completeness, or timeliness of the information provided. Markets are subject to constant change, and past performance is not a reliable indicator of future results.

Regional Restrictions:

The services offered by Goldalea Capital Ltd. may not be available to all persons or in all countries. It is the responsibility of the investor to ensure that they are authorized to use the services offered.

Please note: This disclaimer is for general information purposes only and does not replace individual legal or tax advice.