Rapid7 Achieves GovRAMP Authorization, Expanding Access to AI-Powered Cybersecurity to State, Local, and Educational Organizations

Boston, MA – June 23, 2026 – Rapid7, Inc. (NASDAQ: RPD), a global leader in AI-powered managed cybersecurity operations, today announced that its InsightGovCloud Platform has achieved GovRAMP Authorization.  The authorization enables state, local, and educational organizations to leverage Rapid7’s vulnerability management, cloud security, and security automation solutions  through a security framework specifically designed for government procurement and compliance requirements.

State, local, and educational (SLED) organizations face increasingly sophisticated cyber threats, including ransomware, vulnerability exploitation, and attacks targeting cloud environments . At the same time, these organizations must modernize security programs while operating with limited resources and navigate complex procurement and compliance requirements.

GovRAMP helps address that challenge by providing a nationally recognized, standardized, and reusable security assessment framework for state and local government. This allows SLED agencies to evaluate and procure cloud solutions with greater confidence, while reducing the need to duplicate security reviews across every vendor engagement.

With InsightGovCloud now GovRAMP Authorized, SLED organizations can adopt a cybersecurity platform that helps security teams identify, prioritize, validate, and remediate risk across complex environments.

• Find and close vulnerabilities across hybrid environments: Use agent-based and agentless scanning options backed by a unified vulnerability database to identify risk across endpoints, cloud, and on-premises infrastructure.
• Prioritize the exposures most likely to be exploited: Apply Rapid7’s threat-enriched risk scoring, which incorporates real-world attacker behavior, blast radius, and exploitability context to surface the risks that matter most.
• Validate exploitability with Metasploit integration: Leverage automated scans that use Metasploit, the world’s most widely adopted open-source penetration testing framework, to simulate real-world attacks and validate which vulnerabilities represent genuine risk.
• Maintain continuous cloud security posture: Gain real-time visibility across cloud workloads and Kubernetes environments, with capabilities that help reduce misconfigurations and support audit readiness.
• Automate response and connect security and IT teams: Use built-in integrations and automated remediation workflows to deliver actionable guidance directly to ITOps tools and accelerate time to remediation.

"State and local governments need trusted technology partners that understand both the urgency of modernization and the responsibility of protecting public data," said Sabeen Malik, Vice President, Global Government Affairs and Public Policy at Rapid7. "Rapid7's GovRAMP Authorization reinforces our commitment to supporting secure, compliant modernization across the public sector and gives SLED agencies a clear, confident path to the tools they need."

Rapid7 maintains certifications and attestations including SOC 2 Type 2, ISO 27001, TX-RAMP, IRAP, EU–U.S. Data Privacy Framework, and Cyber Essentials Plus (CE+), applicable to designated products and services.. GovRAMP Authorization extends that commitment to the state and local government ecosystem

To learn more visit  Rapid7 GovRAMP solutions page, view InsightGovCloud on the GovRAMP product list, or read our latest blog on what GovRAMP means for SLED agencies.