Rapid7 Expands Exposure Command with Support for AWS Resource Control Policies

Launch partnership offers Rapid7 customers centralized visibility and control over access permissions, accounts, resources, and services across their hybrid environment

Boston, MA — November 20, 2024

Rapid7, Inc. (NASDAQ: RPD), a leader in extended risk and threat detection, today announced that its Exposure Command solution now supports Amazon Web Services (AWS) Resource Control Policies (RCPs). As a launch partner for this powerful feature, Rapid7 now provides additional visibility, insights, and best practices that guide customers in addressing complex enterprise Identity and Access Management (IAM) challenges across the modern attack surface.

As businesses rapidly scale their AWS environments, they need additional visibility and tighter security controls in managing proliferating identities, resources, and their corresponding permissions. RCPs facilitate this by giving AWS customers more granular control over access at the resource level. Rapid7's Exposure Command empowers organizations to implement a zero-trust approach that seamlessly integrates with their existing AWS cloud infrastructure, including AWS Service Control Policies (SCPs), which set permissions at the principal level. Through the addition of RCP support, Rapid7 enables customers to achieve a higher level of control, ensuring that resources and data remain protected, even as environments scale rapidly.

“We’re proud to partner with AWS for their RCP launch, as we believe it underscores our organizations’ shared commitment to advancing cloud security,” said Craig Adams, chief product officer at Rapid7. “Now, our combined support for RCPs and SCPs in Exposure Command significantly reduces identity-based risk for our customers, ensuring they have the tools needed to enforce zero-trust policies, manage cloud permissions, and confidently drive innovation at scale.”

Exposure Command combines the power of 360-degree attack surface visibility with high-fidelity context enrichment, aggregating findings from Rapid7’s native exposure detection capabilities as well as third-party enrichment sources from customers’ existing technology ecosystem. This situational awareness enables teams to quickly zero in on the exposures attackers have in their sights, with the threat-aware risk context needed to assess, prioritize, and remediate vulnerabilities more efficiently and effectively.

Key Benefits of Exposure Command’s New RCP Support:

  • Centralized RCP Monitoring and Governance: Exposure Command offers a single, unified view of RCP usage, making it easy for security teams to monitor and manage policies across their AWS environments.
  • Enhanced Identity and Access Controls: RCP support extends Rapid7’s existing identity analysis capabilities, allowing organizations to automatically refine permissions organization-wide, prevent excessive access, and enforce least-privilege access (LPA) across AWS resources.
  • Proactive Best Practice Recommendations: Rapid7 provides expert guidance on implementing RCPs effectively, enabling customers to align security controls with business objectives and regulatory requirements.
  • Comprehensive AWS Coverage: In addition to RCPs and SCPs, Exposure Command offers a wide range of tools to protect AWS resources, including automated scanning and identification of vulnerabilities; real-time threat alerts for suspicious activities; and visibility and protection for AI and machine learning resources.

As cloud adoption continues to grow, Rapid7 remains committed to delivering the tools and insights organizations need to reduce risk, maintain compliance, and innovate securely alongside AWS. Learn more about Rapid7, Exposure Command, and the company’s complete line of products for AWS customers on Amazon Marketplace: http://aws.amazon.com/marketplace/seller-profile?id=1121698c-7b7b-4a71-86d3-cfc65ab72368.

###

About Rapid7

Rapid7, Inc. (NASDAQ: RPD) is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7’s comprehensive security solutions help more than 11,000 global customers unite cloud risk management and threat detection to reduce attack surfaces and eliminate threats with speed and precision. For more information, visit our website, check out our blog, or follow us on LinkedIn or X.


Rapid7 Media Relations

Stacey Holleran

Sr. Manager, Global Communications

+1 857—216—7804

press@j-bgroup.com

Rapid7 Investor Relations

Elizabeth Chwalk

Director, Investor Relations

+1 617—865—4277

investors@j-bgroup.com