Core Insights - Rapid7, Inc. has introduced new cloud security capabilities within its Exposure Command solution, enhancing proactive risk management through runtime validation and Data Security Posture Management (DSPM) [1][2] Group 1: New Features and Capabilities - The new features enable organizations to identify, validate, and prioritize exploitable risks based on real-world attack paths and business impact [1][2] - Runtime validation assesses which vulnerabilities and misconfigurations are actively exploitable, while DSPM maps sensitive data and identity access to real-world attack paths [2][3] - The integration of these features allows security teams to prioritize remediation efforts effectively, thereby strengthening resilience against potential breaches [3][4] Group 2: Industry Context and Importance - As organizations increasingly adopt hybrid and multi-cloud environments, security programs must evolve from reactive models to proactive validation strategies [2] - Rapid7's advancements in Exposure Command position it as a leader in the cybersecurity space, as evidenced by its recognition in the 2025 Gartner Magic Quadrant for Exposure Assessment Platforms [5] Group 3: Conference Participation - Rapid7 will showcase its new cloud security capabilities and innovations at the RSAC 2026 Conference in San Francisco, highlighting its commitment to advancing cybersecurity operations [5][6]

Financial Data and Key Metrics Changes - Rapid7 ended fiscal 2025 with an Annual Recurring Revenue (ARR) of $840 million and total revenue of $860 million, both exceeding guidance [7] - For Q4, total revenue was $217.4 million, growing 0.5% year-over-year, while full-year revenue reached $859.8 million, growing 1.9% year-over-year [31] - Non-GAAP operating income for Q4 was $30.1 million, with a margin of 13.9%, and full-year non-GAAP operating income was $135.7 million, or an operating margin of 15.8% [33][34] - Free cash flow for Q4 was $32.3 million, totaling $130 million for the full year [34] Business Line Data and Key Metrics Changes - Product revenue for Q4 was $209.1 million, growing 1.4% year-over-year, while professional services revenue totaled $8.2 million, down from $9.9 million in Q4 2024 [31][32] - The detection and response (DNR) business grew approximately 7% year-over-year, with the managed detection and response (MDR) portion growing in the high single digits [32] - The exposure management business showed signs of improvement, particularly with the rapid adoption of the Exposure Command offering in Q4 [32] Market Data and Key Metrics Changes - The cybersecurity market is experiencing significant disruption due to advancements in AI, leading to a reevaluation of security postures across enterprises [9][10] - The demand for comprehensive, expert-led security operations is increasing due to a more complex regulatory environment and an accelerating threat landscape [10][12] Company Strategy and Development Direction - Rapid7 is focusing on integrating AI capabilities into its offerings to enhance security operations and provide proactive security postures [16][26] - The company aims to consolidate customer environments under a unified platform and enhance its managed AI Security Operations Center (SOC) [16][18] - Strategic investments are being made to evolve and scale solutions, particularly in the DNR market, which is seen as a significant growth opportunity [17][23] Management's Comments on Operating Environment and Future Outlook - Management acknowledges the challenges posed by the evolving software sector and emphasizes that cybersecurity is fundamentally different, positioning Rapid7 favorably [9][10] - The company is optimistic about the potential for growth in the DNR market and is focused on improving operational efficiency and customer engagement [22][24] - Management expects that investments made in 2025 will yield improvements in efficiency and operating margins as 2026 progresses [33][40] Other Important Information - Rapid7 ended 2025 with over 11,500 customers and an average ARR per customer of approximately $72,000 [34] - The company has a strong balance sheet with over $659 million in cash and equivalents, along with a $200 million undrawn revolver [35] Q&A Session Summary Question: How will the changes in marketing and sales be measured? - Management is looking for increased sales and marketing productivity and efficacy, aiming to grow faster while improving efficiency [43][44] Question: What are the core growth businesses going forward? - The primary growth area is detection and response, with a focus on mainstream enterprises and integrating exposure management into a unified offering [48][49] Question: Why is there no full-year ARR guidance? - The decision was made to provide guidance that is meetable and clear, with visibility into ARR expected to improve as new leadership settles in [54][56] Question: What is driving the ARR decline in Q1? - The decline is attributed to slower growth in parts of the business outside of DNR, with management expecting improvements as upgrades and new releases are implemented [82][84] Question: How are customer conversations regarding AI evolving? - Customers are asking for more assistance in managing complex environments and are looking for transparency in AI solutions [66][68] Question: How is customer consolidation impacting win rates? - Rapid7 is benefiting from customer consolidation trends but needs to improve the delivery and integration of its solutions to maximize this opportunity [73][75]

Financial Data and Key Metrics Changes - Rapid7 ended fiscal 2025 with an Annual Recurring Revenue (ARR) of $840 million and total revenue of $860 million, both exceeding guidance [7] - For Q4, total revenue was $217.4 million, growing 0.5% year-over-year, while full-year revenue reached $859.8 million, growing 1.9% year-over-year [31] - Non-GAAP operating income for Q4 was $30.1 million, with a margin of 13.9%, and full-year non-GAAP operating income was $135.7 million, or an operating margin of 15.8% [33][34] Business Line Data and Key Metrics Changes - The Managed Detection and Response (MDR) segment grew in the high single digits, contributing to a total ARR growth of approximately 7% in the Detection and Response (DNR) business [32][22] - Professional services revenue for Q4 totaled $8.2 million, down from $9.9 million in Q4 2024, reflecting a shift towards greater utilization of partners for service delivery [31] Market Data and Key Metrics Changes - The cybersecurity market is experiencing significant disruption due to advancements in AI, leading to a reevaluation of security postures across enterprises [9][10] - Regulatory requirements are expanding and becoming more complex globally, increasing the demand for comprehensive security operations [12] Company Strategy and Development Direction - Rapid7 is focusing on integrating AI capabilities into its offerings to enhance security operations and provide proactive security postures [16][26] - The company aims to consolidate its security solutions under a unified platform, enhancing customer experience and operational efficiency [18][19] - Strategic investments are being made to evolve the product portfolio and improve service delivery, particularly in the DNR and exposure management segments [24][25] Management's Comments on Operating Environment and Future Outlook - Management acknowledges the challenges posed by the evolving threat landscape and the need for companies to adapt their security strategies accordingly [10][27] - The leadership team is optimistic about the growth potential in the DNR market and is focused on improving operational efficiencies and customer engagement [38][39] Other Important Information - Rapid7 ended 2025 with over 11,500 customers and an average ARR per customer of approximately $72,000 [34] - The company has a strong balance sheet with over $659 million in cash and equivalents, providing confidence in its ability to meet future obligations [35] Q&A Session Summary Question: How will the changes in marketing and sales be measured? - Management is focusing on increased sales and marketing productivity, aiming to grow faster while improving efficiency [43][44] Question: What are the core growth businesses going forward? - The primary growth area is the DNR market, with a focus on providing quality service and integrating exposure management into a unified offering [48][49] Question: Why is there no full-year ARR guidance? - The decision was made to provide guidance that is realistic and meetable, with visibility into ARR expected to improve as new leadership settles in [54][56] Question: What is driving the ARR decline in Q1? - The decline is attributed to slower growth in parts of the business outside of DNR, with management expecting improvements as new releases are implemented [82][84] Question: How is Rapid7 addressing customer demands regarding AI? - Customers are seeking more assistance in managing complex environments and expect providers to leverage AI to enhance operational efficiency [66][67] Question: How are customer consolidation trends impacting win rates? - Rapid7 is benefiting from customer consolidation but recognizes the need to simplify its value proposition to improve delivery and win rates [73][74]

Core Insights - Rapid7 has been recognized as a Leader in the 2025 Gartner Magic Quadrant for Exposure Assessment Platforms, highlighting its strong vision and execution capabilities in the cybersecurity space [1][4]. Company Overview - Rapid7, Inc. (NASDAQ: RPD) aims to create a safer digital world by simplifying and making cybersecurity more accessible, serving over 11,000 global customers [8]. Product Offering - The company's Exposure Command provides comprehensive exposure detection and remediation capabilities, covering both on-premises and cloud-native environments [2]. - Features include dynamic automated discovery, unified asset classification, real-world threat-validated prioritization, and LLM-based remediation guidance, making it a preferred choice for modern security teams [2]. Market Position - Rapid7 is uniquely positioned as a leader across multiple categories, including exposure management, SIEM, and MDR, being recognized in various market analyses such as the IDC MarketScape and Frost Radar [3]. Strategic Alignment - The recognition aligns with the Gartner Continuous Threat Exposure Management (CTEM) model, emphasizing a continuous, outcome-focused approach to security operations [4]. - Rapid7's Exposure Command operationalizes CTEM by translating technical findings into business-relevant risks, facilitating cross-functional responses [4].

Financial Data and Key Metrics Changes - Rapid7 ended Q3 2025 with $838 million in ARR, a 2% year-over-year growth, with revenue for the quarter at $218 million, also reflecting a 2% year-over-year increase [5][24] - Operating income was $37 million, exceeding guidance, and free cash flow generated in the quarter was $30 million, bringing year-to-date free cash flow to $98 million [5][25] - Product subscription revenue grew 2% year-over-year to $210 million, while professional services revenue continued to decline [24] Business Line Data and Key Metrics Changes - The Managed Detection and Response (MDR) business, which constitutes over half of ARR, continues to grow at double digits [6][19] - ARR per customer increased by 2%, with an average ARR per customer of over $72,000 [24] - International revenue represented 25% of total revenue and grew 8% year-over-year [24] Market Data and Key Metrics Changes - The customer spending environment remains challenged, particularly in large deals, but there are promising signs for future growth in detection and response [23] - The demand for integrated exposure and detection programs is growing, driven by regulatory pressures for compliance and reporting [15] Company Strategy and Development Direction - Rapid7 is focusing on enhancing its AI-powered security operations platform, integrating exposure management and threat detection to improve customer outcomes [9][18] - The company is making significant organizational changes, including new leadership appointments, to accelerate growth and improve operational alignment [6][20] - The strategy includes expanding partnerships, such as with Microsoft, to enhance managed detection and response capabilities [12][56] Management's Comments on Operating Environment and Future Outlook - Management acknowledges falling short of ARR guidance and is taking actions to rebuild confidence with the investment community [8] - The company is optimistic about its roadmap and strategy, despite longer deal cycles due to platform consolidation opportunities [10][18] - The outlook for Q4 includes a flat ARR quarter-over-quarter, with tightened full-year revenue guidance of $856-$858 million, representing 1%-2% growth [26][27] Other Important Information - The company is transitioning its traditional VM customer base to an integrated exposure management model through Exposure Command [19] - The new Chief Financial Officer, Rafe Brown, is expected to drive operational excellence and scale growth in SaaS businesses [20][48] Q&A Session Summary Question: Economic model of MDR and margin dynamics - Management indicated that MDR operates at higher gross margins than average MDR companies due to investments in automation and AI capabilities [31][32] Question: International vs. domestic growth rates - International revenue is growing faster than the overall business, with a focus on aligning sales processes across regions [33] Question: Pricing pressure in the MDR business - Despite flat ARR per customer growth, management believes they can continue to grow the MDR business profitably and effectively [35][36] Question: Large deal pipeline and Q4 outlook - Management is confident in the large deal pipeline but acknowledges variability in timing and conversion rates [41][42] Question: Leadership changes and priorities for Rafe Brown - Rafe Brown is expected to enhance operational acumen and drive growth through effective pricing and packaging strategies [47][48] Question: Value of traditional VM to SIEM MDR - Management is transitioning from traditional on-premise workloads to more strategic, value-added services, focusing on managed detection and response [51][53] Question: Expectations from Microsoft partnership - The partnership is expected to grow through technology integration and potential go-to-market collaboration [56] Question: Visibility around pipeline and close rates - Management is working on standardizing processes to improve visibility and accuracy in managing larger deal cycles [58] Question: Exposure Command's performance and customer engagement - Exposure Command is showing larger deal sizes and longer deal cycles, with a focus on upgrading existing customers [61][62]

Core Insights - Rapid7, Inc. has launched a local entity and platform instance in the UAE, marking a strategic investment in the region to support digital transformation and cyber resilience goals [1][2][3] - The UAE cybersecurity market is projected to reach $4.51 billion by the end of 2025, highlighting the importance of cybersecurity as a national priority for the UAE government [2] - Rapid7 has achieved DESC certification, meeting rigorous security standards to support government entities and regulated industries in the UAE [2][4][5] Company Commitment - Establishing a local presence in the UAE demonstrates Rapid7's commitment to regional priorities and local data policies, emphasizing data sovereignty as a critical national issue [6] - The company aims to build partnerships with local businesses and governments to enhance the protection of the UAE's digital future [3][6] - Rapid7's investment in dedicated cloud infrastructure allows organizations in the UAE and the Gulf to access its cybersecurity platform [3] Product Offerings - Rapid7 will deliver Exposure Command, an attack surface visibility solution, to help organizations manage vulnerabilities, applications, and cloud security [7] - The company has received recognition as a Leader in the IDC MarketScape: Worldwide Exposure Management 2025 Vendor Assessment and as a Strong Performer in the 2025 Forrester Wave™ for Unified Vulnerability Management [7] - Rapid7's platform offers context-driven visibility, cost-effective risk reduction through automation, and scalable support aligned with regional compliance standards [8] Industry Context - Dubai is recognized as a hub for innovation due to strategic investments in digital infrastructure and supportive government policies, with cybersecurity being a vital component [3] - Rapid7's approach to "Secure the Attack Surface" is designed to support the UAE's digital transformation [8] - The company will participate in GITEX Global 2025, showcasing its commitment to cybersecurity innovation [10]

Core Insights - Rapid7, Inc. has been recognized as a Leader in the IDC MarketScape: Worldwide Exposure Management 2025 Vendor Assessment, highlighting its strong position in the threat detection and exposure management market [1][7] Company Overview - Rapid7 is focused on creating a safer digital world by simplifying cybersecurity and making it more accessible, serving over 11,000 global customers [6] - The company offers a comprehensive security solution that integrates cloud risk management with threat detection and response [6] Product Highlights - The Command Platform, an AI-powered security operations platform, is central to Rapid7's offerings, providing unified solutions for exposure management and threat detection [2][3] - Exposure Command enables organizations to detect and prioritize exposures across hybrid environments, offering full visibility into their attack surface and risk-based vulnerability prioritization [3][4] Market Positioning - The IDC MarketScape report emphasizes the importance of prioritization for security teams, noting that Rapid7 connects visibility, asset classification, and prioritization effectively [4][7] - Rapid7's capabilities include a normalized view of the attack surface, real-world risk prioritization, accelerated remediation, and scalability to complex environments [7]

Summary of Rapid7 (RPD) FY Conference Call - August 12, 2025 Company Overview - **Company**: Rapid7 (RPD) - **Industry**: Cybersecurity and Managed Detection Response (MDR) Key Takeaways Financial Performance and Customer Activity - The company reported solid results with a healthy quarter, indicating stability in the macro environment and strong customer activity [3][4] - There was a concentration of larger deals that had previously been hesitant, showing steady momentum in the pipeline overall [3][4] - The detection response business is a significant growth area, now over $400 million, growing in the mid-teens percentage [6][7] Product Portfolio and Market Position - Rapid7 has shifted from a mid-market player to a key expense for mid to larger enterprises, leading to longer deal cycles with higher Average Selling Prices (ASPs) [4][5] - The detection response business is over half of the company's revenue, with plans to expand into compliance and risk management [7][10] - The company is focusing on integrating AI into its security operations to enhance efficiency and effectiveness [11][20] AI and Automation in Security - AI is seen as a double-edged sword; while it benefits bad actors, it also offers significant productivity gains for security teams [17][20] - Rapid7 is in the early stages of leveraging AI to improve security operations, with tools like incident command to automate and organize investigations [21][24] - The company emphasizes the importance of human oversight in automated processes, advocating for a balanced approach to AI integration [22][24] Managed Services and Gross Margins - Rapid7 has one of the best gross margin profiles in the market, with managed services being critical for resource-light organizations [26][27] - The company believes AI can help improve gross margins over time while addressing increasing security compliance requirements [27][28] - The strategy involves unlocking addressable markets while maintaining healthy gross margins [28][30] Talent Acquisition and Global Presence - The talent market has improved significantly, with Boston being a strong source of skilled professionals [32][34] - Rapid7 is expanding its presence in Pune, India, to tap into a growing talent pool and improve cost structures [53][55] Market Outlook and Guidance - The company is experiencing a dislocation in public market valuations, with a belief that the stock is undervalued based on the performance of its MDR business [45][46] - Rapid7 aims to be the leading managed security AI partner, focusing on scaling security operations while providing high-quality outcomes at reasonable costs [56][57] Future Vision - The long-term vision includes becoming the leading managed security AI partner, enhancing services in detection response, risk management, and compliance [56][57] Additional Insights - The company is adjusting its guidance to reflect the larger deal cycles and ASPs, indicating a cautious but optimistic outlook [39][40] - There is a recognition of the need for a strategic approach to customer engagement, focusing on providing high-value solutions [48][49]

Core Insights - Rapid7, Inc. has launched Active Patching, an automated patching and remediation solution integrated into its Exposure Command platform, aimed at enhancing security and IT teams' ability to mitigate risks across vulnerable assets [1][3]. Group 1: Product Features - Active Patching automates risk remediation and provides continuous, real-time visibility into systems that require patches and those without available fixes, addressing the challenges posed by traditional patching methods [2][4]. - The solution is powered by Automox's Autonomous Endpoint Management platform, allowing teams to prioritize effectively and accelerate response times, resulting in a proactive security posture [3][5]. - Active Patching enhances Exposure Command's capabilities by providing automated patching and remediation, which includes features like automated remediation workflows and unmatched patching coverage across various operating systems [6]. Group 2: Industry Context - The increasing pace at which attackers exploit zero-day vulnerabilities and misconfigurations necessitates modern security solutions that not only identify vulnerabilities but also enable rapid action [2][5]. - The partnership between Rapid7 and Automox aims to reduce risk significantly by enabling customers to transition from identification to remediation in minutes, thus minimizing manual overhead [5][8]. - Automox's platform claims to deliver 65% faster patching and improve security team efficiency by 44% through automated configuration management across multiple operating systems [8].

Financial Data and Key Metrics Changes - Rapid7 ended Q1 2025 with an ARR of $837 million, reflecting a 4% year-over-year growth, which was below expectations [6][22][23] - Revenue for Q1 2025 was $210 million, growing 3% year-over-year and exceeding guided ranges [24][27] - Product revenue increased by 4% year-over-year, while professional services revenue declined due to a strategic shift away from lower-margin engagements [24][25] - Operating income for the quarter was $32 million, above the guided range, with an adjusted EBITDA of $39 million [25][26] Business Line Data and Key Metrics Changes - The detection and response (DNR) business continued to be the core growth driver, representing over half of total ARR and maintaining mid-teens growth [8][10] - The risk and exposure management business faced challenges, with growth deceleration and missed expectations, particularly in traditional vulnerability management offerings [8][9][15] - ARR per customer grew by 2% year-over-year to approximately $72,000, with a total customer base of 11,685, also reflecting a 2% year-over-year increase [22][24] Market Data and Key Metrics Changes - International revenue accounted for 25% of total revenue and grew by 10% year-over-year, indicating strong performance outside the U.S. [24] - The North American mid-market enterprise segment experienced slower deal cycles and tighter budget controls, impacting overall performance [9][10] Company Strategy and Development Direction - The company aims to reaccelerate long-term growth and expand free cash flow, focusing on three strategic pillars: enhancing detection and response capabilities, upgrading the vulnerability management customer base to the exposure management platform, and improving cost structure [7][18][19] - Rapid7 is transitioning from a traditional standalone vulnerability management business to a more integrated risk and exposure management approach, which is expected to stabilize performance [15][16] Management's Comments on Operating Environment and Future Outlook - Management noted a more challenging macro environment than anticipated, with customers becoming increasingly cautious about investments and extended deal cycles becoming common [9][10] - The company adjusted its ARR guidance for the full year 2025 to a range of $850 million to $880 million, reflecting slower growth expectations [27][28] - Despite the cautious environment, management remains confident in the DNR business and its ability to drive growth, while also focusing on stabilizing the risk and exposure management segment [18][19] Other Important Information - The company fully repaid the remaining balance of its 2025 convertible notes, simplifying its capital structure [26] - Free cash flow for the quarter was $25 million, indicating strong operational discipline [26] Q&A Session Summary Question: Why is the upgrade cycle on Exposure Command taking longer than expected? - Management indicated that complexity in customer environments and budget constraints are primary factors affecting the upgrade cycle [34][35] Question: What needs to happen to reaccelerate ARR growth? - Management highlighted strong demand for DNR and the need to successfully upgrade the installed base as key drivers for reacceleration [41][43] Question: What is the timeline for stabilization in the risk and exposure management business? - Management expects moderate stabilization over the course of the year, with reacceleration anticipated moving forward [48][49] Question: Are there resilient customer segments amidst macro pressures? - Management noted that highly regulated industries and larger customers tend to be more resilient, while sectors like healthcare and education are experiencing more pressure [55][59] Question: How is the company addressing competition in the vulnerability management space? - Management emphasized the importance of upgrading the install base to integrated solutions to maintain competitiveness and customer retention [75][76] Question: What is the outlook for the DNR business independent of the VM dynamics? - Management expressed confidence in the DNR business's growth potential, citing strong demand and opportunities for new customer acquisition [83][84]