Rapid7 is like Tenable, but with integrated SIEM and managed detection and response (MDR) services for holistic security operations.

Rapid7 is like Splunk for dedicated cybersecurity, offering integrated vulnerability management and managed security services.

Rapid7 is like Datadog for cybersecurity operations, providing a unified platform for vulnerability management, SIEM, and threat response.

• InsightVM: A vulnerability management solution that identifies and prioritizes security weaknesses across an organization's network, endpoints, and applications.
• InsightIDR: An Extended Detection and Response (XDR) platform providing advanced threat detection, incident response, and analytics for security operations teams.
• InsightCloudSec: A comprehensive cloud security solution for managing posture, compliance, and workload protection across multi-cloud environments.
• Managed Detection and Response (MDR): A service where Rapid7 experts monitor, detect, and respond to security threats on behalf of customers 24/7.
• Application Security (AppSec) Solutions: Tools and services designed to help organizations integrate security into their software development lifecycle and protect applications at runtime.

Rapid7 (RPD) primarily sells its cybersecurity solutions, including vulnerability management, security analytics, and security orchestration, automation, and response (SOAR), to other companies and organizations. This makes it a business-to-business (B2B) company.

Rapid7 does not publicly disclose the names of specific "major customer companies" or individual clients. This is common for companies with a broad and diversified customer base, as their revenue is spread across many clients rather than being concentrated with a few large ones. Public companies are typically only required to disclose customers if they represent a significant portion (e.g., 10% or more) of their total revenue, which is not the case for Rapid7.

Instead, Rapid7 serves a wide range of organizations across various industries and sizes. Its typical customer profile includes:

• Mid-market to Enterprise-level Organizations: Rapid7's solutions are designed to be scalable, catering to both growing mid-sized companies and large, complex global enterprises that require advanced cybersecurity capabilities to protect their assets and data.
• Organizations Across Diverse Industries: This includes, but is not limited to, companies in financial services, healthcare, technology, retail, manufacturing, government, and professional services. Any organization with an IT infrastructure and critical data to protect from cyber threats is a potential customer.
• Companies Focused on Risk Management and Compliance: Customers often leverage Rapid7's solutions to enhance their overall security posture, manage vulnerabilities effectively, detect and respond to security incidents, and meet various regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS, SOC 2).

• Amazon.com, Inc. (AMZN)

Corey E. Thomas, Chairman & Chief Executive Officer

Corey E. Thomas has served as the Chairman and CEO of Rapid7 since 2012, leading the company through its IPO in 2015. He joined Rapid7 in 2008 and previously held roles as SVP of marketing and sales and COO. Prior to Rapid7, he held significant positions at Parallels Inc., Microsoft, and Deloitte Consulting. Mr. Thomas is also an angel investor in several tech companies and co-founded Pillar VC, a venture capital firm. Rapid7 itself was backed by private equity firms Bain Capital and Technology Crossover Ventures when he joined. He founded The New Commonwealth Racial Equity & Social Justice Fund, Inc.

Tim Adams, Chief Financial Officer

Tim Adams was appointed Chief Financial Officer of Rapid7 in January 2022. He previously served as CFO of BitSight Technologies since April 2020. His extensive financial leadership experience in the technology industry includes prior CFO roles at ObsEva SA, Demandware, Inc., and athenahealth, Inc. Demandware was acquired by Salesforce, and athenahealth was acquired by private equity firms. Mr. Adams also served as CFO at Imprivata, which went public and was subsequently sold to Thoma Bravo, a private equity investment firm. He began his career in public accounting at PricewaterhouseCoopers LLP.

Craig Adams, Chief Product Officer

Craig Adams serves as the Chief Product Officer at Rapid7. No further detailed background is readily available in the provided search results.

Bridget Collins, Chief Information & Business Transformation Officer

Bridget Collins holds the position of Chief Information & Business Transformation Officer at Rapid7. No further detailed background is readily available in the provided search results.

Cynthia Stanton, Chief Marketing Officer

Cynthia Stanton is the Chief Marketing Officer and Senior Vice President at Rapid7. No further detailed background is readily available in the provided search results.

The key risks to Rapid7's (RPD) business are primarily related to intense market competition and challenges in sustaining growth, financial stability due to its debt burden and profitability concerns, and operational risks associated with its increasing use of AI and the evolving cybersecurity threat landscape.

Key Risks:

1. Competitive Market and Growth Challenges: Rapid7 operates in a highly competitive and fragmented cybersecurity market, facing intense competition from both established and emerging vendors. The company has experienced decelerating revenue growth, and its core Vulnerability Management (VM) business is in decline with reduced demand for on-premises assets. Macroeconomic uncertainties are also creating a cautious spending environment, particularly among mid-market customers, leading to increased deal scrutiny and longer sales cycles, which could negatively impact Annual Recurring Revenue (ARR) growth.
2. Financial Stability (Debt and Profitability): Rapid7 carries a substantial debt burden, including long-term senior convertible notes which risk diluting share value. Despite experiencing significant revenue growth in recent periods, the company has historically posted net losses and faces challenges in maintaining profitability amidst increasing operating expenses, particularly in sales, marketing, and research and development.
3. Evolving AI/Technology and Cybersecurity Risks: Rapid7 is increasingly utilizing AI in its operations, which introduces risks related to accuracy, bias, and data privacy. The evolving regulatory environment around AI could also pose compliance and operational challenges. Furthermore, as a cybersecurity solutions provider, Rapid7 is exposed to heightened cybersecurity risks, including potential breaches of its own systems, which could harm its reputation and financial results. The company also faces challenges related to managing rapid growth, integrating acquired businesses, and its reliance on third-party software and data.

The intensifying trend of platform consolidation driven by major hyperscalers and dominant endpoint security vendors poses a clear emerging threat to Rapid7.

• Hyperscalers like Microsoft: Microsoft is leveraging its vast installed base (Windows, Azure, M365) to offer increasingly comprehensive and integrated security suites (e.g., Defender for Endpoint, Identity, Cloud; Sentinel SIEM/SOAR; Purview). The growing maturity, deep integration, and often bundled nature of these offerings make them highly attractive to enterprises looking to consolidate vendors and simplify their security stack. This directly threatens Rapid7's products like InsightIDR (SIEM) and InsightVM (Vulnerability Management), as customers may opt for Microsoft's unified solutions.

• Endpoint security leaders like CrowdStrike: Companies such as CrowdStrike, initially known for Endpoint Detection and Response (EDR), are aggressively expanding their platforms to encompass a much broader range of security functions, including cloud security, identity protection, and SIEM-like capabilities (e.g., Falcon LogScale). This multi-domain platform strategy competes directly with Rapid7's approach of offering various security solutions on its Insight Platform, as organizations increasingly seek to reduce the number of security vendors and consolidate under a single, comprehensive platform.

Rapid7 (RPD) operates in several key cybersecurity markets, with the following addressable market sizes:

• Security and Vulnerability Management: The global security and vulnerability management market was estimated at USD 16.51 billion in 2024 and is projected to reach USD 24.47 billion by 2030, growing at a Compound Annual Growth Rate (CAGR) of 6.8% from 2025 to 2030. North America held the largest revenue share in this global market in 2024.

• Security Information and Event Management (SIEM): The global SIEM market was valued at USD 10.78 billion in 2025 and is forecast to climb to USD 19.13 billion by 2030, advancing at a 12.16% CAGR. North America leads SIEM spending with a 39.20% share.

• Cloud Security: The global cloud security market size was estimated at USD 35.84 billion in 2024 and is projected to reach USD 75.26 billion by 2030, growing at a CAGR of 13.3% from 2025 to 2030. North America dominated this market with a revenue share of over 33.0% in 2024.

• Security Orchestration, Automation, and Response (SOAR): The global SOAR market size was estimated at USD 1.72 billion in 2024 and is projected to reach USD 4.11 billion by 2030, growing at a CAGR of 15.8% from 2025 to 2030. North America held the largest revenue share of 35.0% in the SOAR market in 2024.

Here are 3-5 expected drivers of future revenue growth for Rapid7 (RPD) over the next 2-3 years:

1. Expansion of Managed Detection and Response (MDR) Offerings: Rapid7's threat detection and response business, which includes its MDR offerings, is consistently highlighted as a key area of strength and durable double-digit growth. The company is making significant investments in its MDR business, anticipating that expanded capabilities will drive long-term value and growth by tapping into the rapidly expanding market for comprehensive, managed security solutions.
2. Advancements in AI-Powered Security Operations and Platform Integration: Rapid7 is strategically investing in AI-powered security operations, including its Command Platform and Exposure Command. These initiatives aim to enable faster, automated threat detection and response, drive customer adoption, and accelerate upgrades from legacy products. The launch of the Command Platform, including Exposure Command, has already shown positive reception, increasing the pipeline for risk management.
3. International Market Expansion: Rapid7 is experiencing a shift in its revenue mix towards international markets. International revenue grew 17% year-over-year in Q3 2024 and now accounts for nearly a quarter of the company's total revenue, indicating a deliberate focus on expanding its global footprint as a driver for future growth.
4. Strategic Partnerships: Collaborative efforts and strategic partnerships are expected to contribute to revenue growth. For instance, Rapid7 has expanded its partnership with Microsoft, integrating its MDR solution with Microsoft Defender to enhance detection and response capabilities. Additionally, its AI security tools are available through the AWS Marketplace, enabling easier procurement and deployment for a vast enterprise customer base already investing heavily in AI.
5. Operational Realignment and Improved Sales Execution: While currently posing challenges, Rapid7 is implementing leadership changes and standardizing sales practices to improve execution, particularly in MDR and upgrades to Exposure Command. Management expects these operational realignments to cause short-term disruption but ultimately position the company for more consistent growth in 2026 and beyond.

Share Repurchases

• Rapid7 has not engaged in significant public share repurchase programs over the last 3-5 years.
• In December 2022, 82,771 shares were repurchased for approximately $827 as part of a specific purchase agreement, not a publicly announced share repurchase program.

Share Issuance

• In April 2020, Rapid7 priced $200.0 million in 2.25% convertible senior notes due 2025, with an option for initial purchasers to buy an additional $30.0 million, convertible into cash or common stock.
• In September 2023, the company priced an upsized offering of $260.0 million in 1.25% convertible senior notes due 2029, with an option for an additional $40.0 million, also convertible into cash or common stock.
• Stock-based compensation led to $119.6 million in expenses over the trailing twelve months leading up to August 2023.

Outbound Investments

• In July 2021, Rapid7 acquired IntSights Cyber Intelligence Ltd. for an aggregate fair value of $322.3 million.
• In March 2023, Rapid7 acquired Minerva Labs, Ltd. to expand its managed threat detection capabilities and integrate advanced ransomware prevention.

Capital Expenditures

• Capital expenditures totaled $16.9 million over the trailing twelve months leading up to August 2023.
• Rapid7 anticipates free cash flow of at least $160 million for the full year 2024, indicating continued investment in the business.
• The company is focusing on platform and services investments in 2024 and beyond to enhance customer experience, drive cloud security adoption, scale security productivity with AI, and expand its service and partner ecosystem.