New IDC MarketScape Names Rapid7 a Leader in U.S. Managed Detection and Response (MDR)

It’s a big year to be named a Leader.

Time magazine said the pandemic produced “the world’s largest work-from-home experiment.” Suddenly, everyone was accessing everything from everywhere. Control moved outside security’s four walls. More stuff moved to the cloud. And CEOs started wondering who’d be on the nightly news next explaining why they paid millions to EvilCorp hackers.

So this year, especially, Rapid7 is thrilled to be recognized as a Leader in the IDC MarketScape: Managed Detection and Response 2021 Vendor Assessment, (Doc #US48129921, August 2021).

Source: "IDC MarketScape U.S. Managed Detection and Response Services 2021 Vendor Assessment", By: Craig Robinson and Christina Richmond, August 2021, IDC #US48129921.

This IDC MarketScape report shows an unbiased look at 15 MDR players in the U.S. market, evaluating each on capabilities. We feel this recognition reflects Rapid7’s mission to help our customers close the security achievement gap — because every company, regardless of their security team’s size, deserves a level playing field against attackers. Clearly we’re on the right path.

This recognition follows a slew of other accolades for Rapid7’s Detection and Response portfolio. In the last few months, Forrester Research recognized Rapid7 as a “Leader” (Mid-size MSSP Wave, Q3 2020) and “Strong Performer” (MDR Wave, Q1 2021). And Gartner recognized the underlying technology of the MDR service — InsightIDR — as a “Leader” for the third year in a row (SIEM Magic Quadrant, Q2 2021).

Why is this so important?

Nowadays, the MDR market is so noisy that all vendors can sound the same. When market reports like this are published, it proves there’s a difference between MDR providers and offerings delivering security outcomes versus promises.

Today, Rapid7 MDR security experts use our XDR technology to provide constant coverage across our customer’s modern environment — endpoints, users, network, and the cloud. Attackers can change their tactics, but Rapid7’s threat engine still lets us stay a step ahead.

IDC analysts like that Rapid7 MDR “applies proprietary threat intelligence and knowledge from the Metasploit and Velociraptor open-source communities.” This proprietary, community-infused threat intelligence, combined with our recent IntSights acquisition, will evolve our service with even more accurate detections across both internal and external attack surfaces. Attackers have nowhere to hide.

And unlike other MDR and MSSP services that rely on security generalists to simply manage technology and triage alerts, Rapid7's expert specialists take the lead on threat detection, validation, and how to respond.

Your team can stop threats earlier and respond faster. You can have the confidence that your environment is monitored 24x7. And you’ll have time to focus on what matters most (even if some days it’s just getting around to taking lunch).


Teams love Rapid7 MDR, and here’s why. We help you:

  • Build your cyber resilience: You can detect threats with confidence. Our team delivers the answers needed to find and stop attacks, not just deliver alerts. And we’ll partner with your team to strengthen your security program.
  • Enable you to scale with SecOps experts: 24x7 is table stakes now. But having continuous coverage by breach response analysts isn’t. Customers can collaborate with Rapid7 security advisors and get the incident response help needed if (or when) it’s needed most.
  • Provide full transparency into operations: You see what we see with full access to the technology our analysts use. Learn from our experts and community. Then prove out the ROI with comprehensive reporting that even your CFO would appreciate.
  • Catch attackers with 24x7 XDR technology: Unify and transform relevant security data from across endpoints, users, network traffic, and the cloud to detect and respond to attackers wherever they are.
  • Achieve a rapid time-to-value: Jumpstart detection and response from day one. We’ll provide you with the guidance and advice to move from risk to remediation and strengthen your cyber resilience.