Fight the Living Threat

Rapid7’s IT security data and analytics solutions collect, contextualize and analyze the security data you need to fight an increasingly deceptive and pervasive adversary.


Unlike traditional vulnerability assessment or incident management, Rapid7 provides insight into the security state of your assets and users, across virtual, mobile, private and public cloud networks.

We offer advance capabilities for vulnerability management, penetration testing, end point controls assessment and incident detection and investigation to help you improve risk management, simplify compliance and stop threats faster when a compromise occurs.

Radar for Deception-Based Attacks

UserInsight helps you detect, investigate and stop threats faster with:

  • Simplified discovery of user behavior within the firewall, in cloud services, and on mobile devices.
  • Smart Detection of attacks based on a proprietary analysis and understanding of historical patterns of user behavior.
  • Fast incident response by rapidly identifying which user took a particular action and enabling fast decisions on a course of action.

Night Vision for Your Network

Nexpose proactively scans your environment for misconfigurations and vulnerabilities and provides guidance for mitigating risk. Experience the power of Nexpose by:

  • Knowing the security risk of your entire IT environment including assets, operating systems, web applications, and databases, in your physical and virtual environments.
  • Exposing security threats including vulnerabilities, misconfigurations, and malware.
  • Prioritizing threats and getting specific remediation guidance for each issue.
  • Simplifying compliance through customized templates and reporting that help you align with required and recommended standards including PCI DSS, NERC, FISMA, HIPAA/HITECH, SANS Top 20 CAGS, DISA STIGS, and CIS standards.
  • Integrating with Metasploit to provide closed-loop validation of the security risk in your environment. Ensuring you have the right end-point controls deployed by integrating with ControlsInsight.

The Attacker's Playbook

Get a clear view of how your network can be exploited, so you can focus your efforts and back up your action plan. Metasploit can help you to:

  • Safely simulate attacks on your network to uncover pressing security issues with the industry’s most complete set of exploits.
  • Further assess and validate vulnerabilities in your environment.
  • Verify your defenses, security controls, and mitigation efforts with advanced evasion techniques, testing for weak credentials, and the ability to manage penetration tests at scale.
  • Manage phishing exposure through testing both user awareness and technical controls.

The Game Plan for Your
Security Program

ControlsInsight helps you to:

  • Measure how well critical security controls are deployed and configured across endpoints, including the state of your antivirus, code execution prevention, password hygiene, and more.
  • Analyze your security posture using industry best practices for defending against evolving threats.
  • Create and track progress against your plan to improve endpoint security.