Rapid7 Achieves FedRAMP Authorization for InsightGovCloud Platform

BOSTON, July 28, 2025 (GLOBE NEWSWIRE) -- , (NASDAQ: RPD), a leader in extended risk and threat detection, today announced that its InsightGovCloud Platform has achieved Federal Risk and Authorization Management Program (FedRAMP®) Authorization, solidifying its position as a trusted Cloud Service Offering (CSO) for U.S. federal agencies. This milestone underscores Rapid7’s commitment to enabling secure cloud adoption for public sector organizations.

The FedRAMP Authorization Moderate Impact Level 2 validates the security of Rapid7’s cloud-based platform and affirms its readiness to support federal agencies in managing their evolving cybersecurity needs. With this achievement, Rapid7’s approved solutions can now be deployed across a wide range of government environments to deliver proactive threat exposure management and automated response capabilities at scale across hybrid cloud and on-premises environments.

“For federal agencies navigating increasingly complex and constantly-evolving security environments, working with a security platform that meets the highest standards of security, reliability, and compliance is critical,” said Pete Rubio, senior vice president, platform and engineering at Rapid7. “Rapid7 is well positioned to meet this need, delivering unique capabilities in automation, visibility, and context that help federal agencies reduce risk and accelerate remediation across their environments.”

“Achieving this authorization marks a meaningful commitment to the federal agencies we support. We look forward to building deeper partnerships with security teams across the sector, delivering a comprehensive security platform that protects assets from endpoint to cloud,” said Damon Cabanillas, public sector vice president of sales at Rapid7. “This authorization comes as federal agencies face increased pressure to leverage a continuous threat exposure management platform in support of CISA’s Binding Operational Directive 22-01, which mandates that agencies identify and remediate these vulnerabilities within specific timeframes. Rapid7’s solutions directly address this mandate, providing native automated vulnerability assessment, prioritizing remediation projects and validating patching efficacy within specific timelines complimenting Rapid7’s own Metasploit, the world’s most widely adopted open-source penetration testing framework.”

The Rapid7 Platform includes a suite of vulnerability management, CNAPP, and SOAR solutions within the FedRAMP authorization boundary. These tools empower federal agencies to assess their attack surface, detect and prioritize exposures, and automate response workflow, all from a centralized interface that delivers clarity and control. With Rapid7’s newly approved solution, federal agencies can benefit :

• Dynamic Asset Discovery and Attack Surface Visibility: Identify and close critical vulnerabilities across the entire IT ecosystem with a single agent and agentless scanning options supported by a unified vulnerability database ensuring nothing is missed or overlooked.
• Threat-Aware Hybrid Vulnerability Prioritization at Scale: Focus on what matters most with Rapid7’s threat-enriched risk scoring model, integrating real-world threat context, blast radius, attractiveness and attacker behavior to surface the most actionable risks from endpoint to cloud.
• Closed-Loop Exploitability Validation: Allows for integrated automated vulnerability scans that leverage Rapid7’s Metasploit, the world’s most widely adopted open-source penetration testing framework, to create a closed-loop workflow that simulates real-world attacks across the entire kill chain, enabling risk prioritization based on actual exploitability and potential impact.
• Real-time cloud security and posture assessment: Gain continuous real-time visibility across all cloud workloads and enforce security posture at scale, reducing misconfigurations and audit prep time across cloud platforms and Kubernetes.
• Streamlined Collaboration and Accelerated Remediation Operations: Bridge the gap between security and IT teams with hundreds of built-in integrations, automated remediation workflows and project tracking to accelerate risk reduction with actionable guidance delivered directly to preferred ITOps tools.

Rapid7’s existing certifications include SOC2 Type 2, ISO 27001, TX-RAMP, IRAP, EU-U.S. Data Privacy Framework, and CE+. The company’s FedRAMP Authorized status adds to this robust portfolio and strengthens its ability to serve public sector customers with confidence.

To learn more about Rapid7’s Command Platform, visit .

To view the FedRAMP In Process Marketplace listing for InsightGovCloud, visit .

To learn more about how Federal Agencies can benefit from working with Rapid7, visit .

About Rapid7

Rapid7, Inc. (NASDAQ: RPD) is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7’s comprehensive security solutions help more than 11,000 global customers unite cloud risk management with threat detection and response to reduce attack surfaces and eliminate threats with speed and precision. For more information, visit our , check out our , or follow us on or .

About FedRAMP

FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment for cloud technologies and federal agencies.

Rapid7 Media Relations

Alice Randall

Director, Global Corporate Communications



(857) 216-7804

Rapid7 Investor Contact

Elizabeth Chwalk

Vice President, Investor Relations



(617) 865-4277