Rapid7 Achieves FedRAMP Authorization for InsightGovCloud Platform
Rapid7 (NASDAQ: RPD) has achieved Federal Risk and Authorization Management Program (FedRAMP) Authorization for its InsightGovCloud Platform, marking a significant milestone for serving U.S. federal agencies. The authorization at Moderate Impact Level 2 validates the platform's security capabilities for government deployment.
The platform offers comprehensive security solutions including vulnerability management, CNAPP, and SOAR capabilities. Key features include dynamic asset discovery, threat-aware vulnerability prioritization, closed-loop exploitability validation, real-time cloud security assessment, and streamlined remediation operations.
This authorization enhances Rapid7's existing certifications portfolio, which includes SOC2 Type 2, ISO 27001, TX-RAMP, IRAP, and others, positioning the company to better serve public sector cybersecurity needs.
Rapid7 (NASDAQ: RPD) ha ottenuto l'autorizzazione FedRAMP (Federal Risk and Authorization Management Program) per la sua piattaforma InsightGovCloud, segnando un traguardo importante per il servizio alle agenzie federali statunitensi. L'autorizzazione a livello di impatto moderato 2 conferma le capacità di sicurezza della piattaforma per l'implementazione governativa.
La piattaforma offre soluzioni di sicurezza complete, tra cui gestione delle vulnerabilità, CNAPP e funzionalità SOAR. Le caratteristiche principali comprendono la scoperta dinamica degli asset, la prioritizzazione delle vulnerabilità basata sulle minacce, la validazione chiusa dell'exploitabilità, la valutazione della sicurezza cloud in tempo reale e l'ottimizzazione delle operazioni di remediation.
Questa autorizzazione arricchisce il portafoglio di certificazioni di Rapid7, che include SOC2 Tipo 2, ISO 27001, TX-RAMP, IRAP e altre, posizionando l'azienda per rispondere in modo più efficace alle esigenze di cybersecurity del settore pubblico.
Rapid7 (NASDAQ: RPD) ha obtenido la autorización FedRAMP (Federal Risk and Authorization Management Program) para su plataforma InsightGovCloud, marcando un hito importante para atender a las agencias federales de EE. UU. La autorización en el Nivel 2 de Impacto Moderado valida las capacidades de seguridad de la plataforma para su despliegue gubernamental.
La plataforma ofrece soluciones de seguridad integrales que incluyen gestión de vulnerabilidades, CNAPP y capacidades SOAR. Las características clave incluyen descubrimiento dinámico de activos, priorización de vulnerabilidades basada en amenazas, validación cerrada de explotabilidad, evaluación de seguridad en la nube en tiempo real y operaciones de remediación simplificadas.
Esta autorización mejora el portafolio de certificaciones existentes de Rapid7, que incluye SOC2 Tipo 2, ISO 27001, TX-RAMP, IRAP y otras, posicionando a la empresa para servir mejor las necesidades de ciberseguridad del sector público.
Rapid7 (NASDAQ: RPD)� InsightGovCloud 플랫폼에 대� 연방 위험 � 승인 관� 프로그램(FedRAMP) 승인� 획득하여 미국 연방 기관 서비스를 위한 중요� 이정표를 달성했습니다. 중간 영향 수준 2� 승인은 정부 배포� 위한 플랫폼의 보안 역량� 검증합니다.
� 플랫폼은 취약� 관�, CNAPP, SOAR 기능� 포함� 종합 보안 솔루션을 제공합니�. 주요 기능으로� 동적 자산 탐지, 위협 인식 취약� 우선순위 지�, 폐쇄 루프 공격 가능성 검�, 실시� 클라우드 보안 평가 � 간소화된 수정 작업� 포함됩니�.
이번 승인은 SOC2 유형 2, ISO 27001, TX-RAMP, IRAP � 기존 Rapid7� 인증 포트폴리오를 강화하여 공공 부문의 사이� 보안 요구� 보다 효과적으� 지원할 � 있는 위치� 마련합니�.
Rapid7 (NASDAQ : RPD) a obtenu l'autorisation FedRAMP (Federal Risk and Authorization Management Program) pour sa plateforme InsightGovCloud, marquant une étape importante dans le service aux agences fédérales américaines. L'autorisation au niveau d'impact modéré 2 valide les capacités de sécurité de la plateforme pour un déploiement gouvernemental.
La plateforme offre des solutions de sécurité complètes, incluant la gestion des vulnérabilités, CNAPP et les capacités SOAR. Les fonctionnalités clés comprennent la découverte dynamique des actifs, la priorisation des vulnérabilités basée sur les menaces, la validation en boucle fermée de l'exploitabilité, l'évaluation en temps réel de la sécurité cloud et la rationalisation des opérations de remédiation.
Cette autorisation renforce le portefeuille de certifications existant de Rapid7, qui comprend SOC2 Type 2, ISO 27001, TX-RAMP, IRAP, entre autres, positionnant l'entreprise pour mieux répondre aux besoins de cybersécurité du secteur public.
Rapid7 (NASDAQ: RPD) hat die FedRAMP-Zulassung (Federal Risk and Authorization Management Program) für seine InsightGovCloud-Plattform erhalten und damit einen wichtigen Meilenstein für die Betreuung von US-Bundesbehörden erreicht. Die Zulassung auf dem Moderaten Impact Level 2 bestätigt die Sicherheitsfähigkeiten der Plattform für den Regierungseinsatz.
Die Plattform bietet umfassende Sicherheitslösungen, darunter Schwachstellenmanagement, CNAPP und SOAR-Funktionen. Zu den Hauptmerkmalen zählen dynamische Asset-Erkennung, bedrohungsbewusste Priorisierung von Schwachstellen, geschlossene Schleife zur Exploit-Validierung, Echtzeit-Cloud-Sicherheitsbewertung und optimierte Behebungsprozesse.
Diese Zulassung erweitert Rapid7s bestehendes Zertifizierungsportfolio, das SOC2 Typ 2, ISO 27001, TX-RAMP, IRAP und weitere umfasst, und positioniert das Unternehmen besser, um die Cybersicherheitsbedürfnisse des öffentlichen Sektors zu erfüllen.
- Achievement of FedRAMP Authorization enables access to federal agency market
- Platform directly addresses CISA's Binding Operational Directive 22-01 compliance requirements
- Comprehensive security features including vulnerability management, CNAPP, and SOAR solutions
- Integration with Metasploit, the world's most widely adopted open-source penetration testing framework
- None.
Insights
Rapid7's FedRAMP authorization unlocks significant federal market opportunities, strengthening competitive position in the lucrative government cybersecurity sector.
Rapid7's achievement of FedRAMP Authorization at the Moderate Impact Level 2 represents a significant business milestone that substantially expands the company's addressable market. This certification essentially unlocks the $9+ billion federal cybersecurity market, allowing Rapid7 to deploy its cloud-based security solutions across U.S. government agencies - a notoriously difficult market to penetrate without proper certifications.
The timing is particularly strategic given CISA's Binding Operational Directive 22-01, which mandates federal agencies to identify and remediate vulnerabilities within specific timeframes. Rapid7's newly authorized platform directly addresses these compliance requirements, positioning the company to capitalize on immediate demand. Their comprehensive suite - including vulnerability management, Cloud Native Application Protection Platform (CNAPP), and Security Orchestration, Automation and Response (SOAR) solutions - now becomes accessible to government procurement officers previously unable to consider them.
From a competitive standpoint, this authorization strengthens Rapid7's position against larger security players like CrowdStrike, Palo Alto Networks, and Microsoft, who already have established federal footprints. The federal sector is particularly valuable as government contracts typically feature longer terms, higher stability, and less price sensitivity than commercial deals.
The certification also validates Rapid7's security architecture and compliance capabilities, which could accelerate adoption in other highly regulated industries like healthcare and financial services that often look to FedRAMP as a gold standard. This broader market credibility enhancement extends beyond just the federal opportunity itself.
BOSTON, July 28, 2025 (GLOBE NEWSWIRE) -- , (NASDAQ: RPD), a leader in extended risk and threat detection, today announced that its InsightGovCloud Platform has achieved Federal Risk and Authorization Management Program (FedRAMP®) Authorization, solidifying its position as a trusted Cloud Service Offering (CSO) for U.S. federal agencies. This milestone underscores Rapid7’s commitment to enabling secure cloud adoption for public sector organizations.
The FedRAMP Authorization Moderate Impact Level 2 validates the security of Rapid7’s cloud-based platform and affirms its readiness to support federal agencies in managing their evolving cybersecurity needs. With this achievement, Rapid7’s approved solutions can now be deployed across a wide range of government environments to deliver proactive threat exposure management and automated response capabilities at scale across hybrid cloud and on-premises environments.
“For federal agencies navigating increasingly complex and constantly-evolving security environments, working with a security platform that meets the highest standards of security, reliability, and compliance is critical,� said Pete Rubio, senior vice president, platform and engineering at Rapid7. “Rapid7 is well positioned to meet this need, delivering unique capabilities in automation, visibility, and context that help federal agencies reduce risk and accelerate remediation across their environments.�
“Achieving this authorization marks a meaningful commitment to the federal agencies we support. We look forward to building deeper partnerships with security teams across the sector, delivering a comprehensive security platform that protects assets from endpoint to cloud,� said Damon Cabanillas, public sector vice president of sales at Rapid7. “This authorization comes as federal agencies face increased pressure to leverage a continuous threat exposure management platform in support of CISA’s Binding Operational Directive 22-01, which mandates that agencies identify and remediate these vulnerabilities within specific timeframes. Rapid7’s solutions directly address this mandate, providing native automated vulnerability assessment, prioritizing remediation projects and validating patching efficacy within specific timelines complimenting Rapid7’s own Metasploit, the world’s most widely adopted open-source penetration testing framework.�
The Rapid7 Platform includes a suite of vulnerability management, CNAPP, and SOAR solutions within the FedRAMP authorization boundary. These tools empower federal agencies to assess their attack surface, detect and prioritize exposures, and automate response workflow, all from a centralized interface that delivers clarity and control. With Rapid7’s newly approved solution, federal agencies can benefit :
- Dynamic Asset Discovery and Attack Surface Visibility: Identify and close critical vulnerabilities across the entire IT ecosystem with a single agent and agentless scanning options supported by a unified vulnerability database ensuring nothing is missed or overlooked.
- Threat-Aware Hybrid Vulnerability Prioritization at Scale: Focus on what matters most with Rapid7’s threat-enriched risk scoring model, integrating real-world threat context, blast radius, attractiveness and attacker behavior to surface the most actionable risks from endpoint to cloud.
- Closed-Loop Exploitability Validation: Allows for integrated automated vulnerability scans that leverage Rapid7’s Metasploit, the world’s most widely adopted open-source penetration testing framework, to create a closed-loop workflow that simulates real-world attacks across the entire kill chain, enabling risk prioritization based on actual exploitability and potential impact.
- AG˹ٷ-time cloud security and posture assessment: Gain continuous real-time visibility across all cloud workloads and enforce security posture at scale, reducing misconfigurations and audit prep time across cloud platforms and Kubernetes.
- Streamlined Collaboration and Accelerated Remediation Operations: Bridge the gap between security and IT teams with hundreds of built-in integrations, automated remediation workflows and project tracking to accelerate risk reduction with actionable guidance delivered directly to preferred ITOps tools.
Rapid7’s existing certifications include SOC2 Type 2, ISO 27001, TX-RAMP, IRAP, EU-U.S. Data Privacy Framework, and CE+. The company’s FedRAMP Authorized status adds to this robust portfolio and strengthens its ability to serve public sector customers with confidence.
To learn more about Rapid7’s Command Platform, visit .
To view the FedRAMP In Process Marketplace listing for InsightGovCloud, visit .
To learn more about how Federal Agencies can benefit from working with Rapid7, visit .
About Rapid7
Rapid7, Inc. (NASDAQ: RPD) is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7’s comprehensive security solutions help more than 11,000 global customers unite cloud risk management with threat detection and response to reduce attack surfaces and eliminate threats with speed and precision. For more information, visit our , check out our , or follow us on or .
About FedRAMP
FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment for cloud technologies and federal agencies.
Rapid7 Media Relations
Alice Randall
Director, Global Corporate Communications
[email protected]
(857) 216-7804
Rapid7 Investor Contact
Elizabeth Chwalk
Vice President, Investor Relations
[email protected]
(617) 865-4277
FAQ
What does Rapid7's FedRAMP Authorization mean for federal agencies?
What key features does Rapid7's InsightGovCloud Platform offer?
How does Rapid7's platform help with CISA's Binding Operational Directive 22-01?
What certifications does Rapid7 (NASDAQ: RPD) currently hold?
What security capabilities are included in Rapid7's FedRAMP authorization boundary?
