Rapid7 unveils upgraded platform with $1M breach cover

Techday NZ

30-04-2025

Rapid7 has released significant upgrades to its Command Platform, with the introduction of unified threat-informed remediation aimed at helping security teams more effectively identify, prioritise, and resolve critical risks across their digital environments.
The updated platform incorporates artificial intelligence-powered threat detection, integrated vulnerability remediation - including from third-party security tools - and automated incident response through Velociraptor. Together, these features are designed to help organisations strengthen their cybersecurity measures at scale, addressing the hurdles of fragmented toolsets and alert overload that are prevalent in the industry.
Rapid7 is providing an added level of assurance by backing the platform with a Breach Protection Warranty, offering customers financial protection in the event of a security breach. This warranty covers relevant expenses such as forensic investigations, legal counsel, post-incident response, and public relations, with up to USD $1,000,000 included in the package for Managed Threat Complete Ultimate customers. In addition, the warranty includes unlimited incident response, which eliminates extra costs often charged by other providers for such engagements.
Craig Adams, Chief Product Officer at Rapid7, explained, "Security teams are overwhelmed with alerts, they're asking for clarity, prioritisation, and outcomes. It's not enough to simply detect threats; teams need the context to act quickly and the confidence that issues will be resolved. With our latest version of the Command Platform, we're giving customers a cohesive, continuous, and trusted understanding of their entire attack surface, alongside the intelligent automation to prioritise threats and remediate them fast."
The company's enhancements address what it describes as growing complexity in enterprise security environments, where attack surfaces are expanding due to distributed systems and a proliferation of security and IT tools. The upgraded Command Platform aims to automate the prioritisation and remediation of exposures, with a focus on speeding up these processes while improving their accuracy.
Among the platform's most notable changes is the expansion of unified vulnerability management, which now includes support for both Rapid7's own scanning tools and third-party vulnerability management solutions. Security teams can use vendor-agnostic dashboards and workflows to consolidate risk information, prioritise vulnerabilities, and track remediation progress across the entire technology ecosystem.
The platform also introduces expanded automation capabilities. Using Remediation Hub workflows, security teams are able to automate notifications to asset owners and reduce manual task cycles, with the result of lowering administrative workloads and increasing efficiency in communications and resolution activities. Teams have access to unified dashboards to monitor remediation progress within both cloud and on-premises environments.
The update further improves transparency in AI-driven threat detection by presenting security analysts with more detailed reasoning behind AI triage decisions within the InsightIDR platform. The new interface highlights specific data inputs used by Rapid7's AI Engine and offers an "AI Suggested Disposition" field. This function enables users to sort, filter, and batch respond to alerts, potentially accelerating threat investigation and resolution processes.
An additional capability, Active Remediation with Velociraptor, is included to allow the Command Platform to take direct action on behalf of customers. When a threat is detected and contained, Velociraptor can initiatemeasures such as removing malware remnants, restoring system registry settings, and returning affected assets to their baseline secure state. This aims to limit the time a threat remains active and reduce disruption, often acting faster than manual response would allow.
The Breach Protection Warranty is presented as a means to help customers better manage the financial impact of a cyberattack. Rapid7 claims that its service distinguishes itself by integrating unlimited incident response without additional fees, which can reduce the complexity of a customer's breach response strategy compared to rival offerings that require separate charges for such services.