Exposure Command
Exposure Command supports the Exposure Management side by offering comprehensive visibility, risk prioritization, and automated remediation to help organizations manage their attack surface proactively.

Vector Command
Validation is the continuous testing of an organization’s security controls to ensure they are effective in protecting against real-world threats. Vector Command offers managed validation services, including red teaming and breach simulations, to test the resilience of an organization’s defenses, helping security teams identify gaps and improve their overall security posture.

Exposure Command Advanced and InsightAppSec
DAST is a security testing method that identifies vulnerabilities in web applications by simulating attacks on the application's interface, without needing access to the source code. InsightAppSec provides comprehensive DAST capabilities, allowing security teams to proactively scan web applications for exploitable vulnerabilities and weaknesses in real-time, helping to ensure that applications are secure before attackers can exploit them.

Exposure Command Advanced and InsightCloudSec
CNAPP is a unified security approach that protects cloud-native applications and infrastructure by integrating security and compliance controls across development and production environments. InsightCloudSec continuously monitors cloud environments, providing real-time risk detection, compliance management, and security control for cloud-native applications, enabling organizations to secure their cloud infrastructure effectively.

Exposure Command and InsightVM
Vulnerability Management involves identifying, prioritizing, and remediating vulnerabilities across an organization’s network, devices, and applications to reduce exposure to potential attacks. InsightVM continuously scans an organization's infrastructure for vulnerabilities, helping security teams prioritize and remediate risks based on severity, ensuring that the most critical vulnerabilities are addressed first.

Rapid7 MXDR
MXDR is a fully managed security service that extends detection and response capabilities across multiple layers, including endpoints, networks, identities, and cloud environments, offering proactive threat detection and response. Rapid7’s MXDR integrates detection across the entire attack surface using InsightIDR, Threat Intelligence, and XDR capabilities to detect and respond to threats in real-time. It offers continuous monitoring, threat hunting, and expert response, managed by Rapid7’s Security Operations Center (SOC).

Incident Command
Incident Command is the AI-native security operations platform within the Rapid7 Command Platform that provides a unified interface for detecting, investigating, and responding to security threats within the Security Operations Center (SOC). The platform combines key operational capabilities including threat detection, alert triage, case investigation, response actions, threat intelligence, automation, and attack surface monitoring in a single experience.

Threat Command
Threat Intelligence involves the collection, analysis, and dissemination of information about current or emerging threats, helping organizations anticipate and defend against cyberattacks. Threat Command continuously monitors the clear, deep, and dark web for potential threats, such as leaked credentials or emerging attack vectors, providing real-time intelligence that informs security teams to act proactively and mitigate risks before they escalate.

InsightIDR Advanced and Velociraptor
DFIR is the process of identifying, investigating, and responding to cyber incidents by collecting and analyzing digital evidence to understand the scope, cause, and impact of security breaches.Velociraptor is an advanced open-source tool used in Rapid7’s DFIR services, enabling security teams to perform in-depth forensic investigations and respond to incidents by gathering evidence and determining how attacks occurred. It helps organizations understand the root cause and ensure effective recovery.

InsightConnect
SOAR (security orchestration, automation & response) is a technology that allows organizations to collect data about security threats and respond to them with automated processes. It orchestrates security tools, automates repetitive tasks, and improves response times to incidents.InsightConnect leverages security orchestration, automation, and response (SOAR) capabilities to streamline and automate security processes, helping teams respond to incidents more quickly and efficiently. InsightConnect supports both the risk and the threat sides of our portfolio. InsightConnect is integrated into all other Rapid7 products.