Core Insights - Rapid7 has been recognized as a Leader in the 2025 Gartner Magic Quadrant for Exposure Assessment Platforms, highlighting its strong vision and execution capabilities in the cybersecurity space [1][4]. Company Overview - Rapid7, Inc. (NASDAQ: RPD) aims to create a safer digital world by simplifying and making cybersecurity more accessible, serving over 11,000 global customers [8]. Product Offering - The company's Exposure Command provides comprehensive exposure detection and remediation capabilities, covering both on-premises and cloud-native environments [2]. - Features include dynamic automated discovery, unified asset classification, real-world threat-validated prioritization, and LLM-based remediation guidance, making it a preferred choice for modern security teams [2]. Market Position - Rapid7 is uniquely positioned as a leader across multiple categories, including exposure management, SIEM, and MDR, being recognized in various market analyses such as the IDC MarketScape and Frost Radar [3]. Strategic Alignment - The recognition aligns with the Gartner Continuous Threat Exposure Management (CTEM) model, emphasizing a continuous, outcome-focused approach to security operations [4]. - Rapid7's Exposure Command operationalizes CTEM by translating technical findings into business-relevant risks, facilitating cross-functional responses [4].

Financial Data and Key Metrics Changes - Rapid7 ended Q3 2025 with $838 million in ARR, a 2% year-over-year growth, with revenue for the quarter at $218 million, also reflecting a 2% year-over-year increase [5][24] - Operating income was $37 million, exceeding guidance, and free cash flow generated in the quarter was $30 million, bringing year-to-date free cash flow to $98 million [5][25] - Product subscription revenue grew 2% year-over-year to $210 million, while professional services revenue continued to decline [24] Business Line Data and Key Metrics Changes - The Managed Detection and Response (MDR) business, which constitutes over half of ARR, continues to grow at double digits [6][19] - ARR per customer increased by 2%, with an average ARR per customer of over $72,000 [24] - International revenue represented 25% of total revenue and grew 8% year-over-year [24] Market Data and Key Metrics Changes - The customer spending environment remains challenged, particularly in large deals, but there are promising signs for future growth in detection and response [23] - The demand for integrated exposure and detection programs is growing, driven by regulatory pressures for compliance and reporting [15] Company Strategy and Development Direction - Rapid7 is focusing on enhancing its AI-powered security operations platform, integrating exposure management and threat detection to improve customer outcomes [9][18] - The company is making significant organizational changes, including new leadership appointments, to accelerate growth and improve operational alignment [6][20] - The strategy includes expanding partnerships, such as with Microsoft, to enhance managed detection and response capabilities [12][56] Management's Comments on Operating Environment and Future Outlook - Management acknowledges falling short of ARR guidance and is taking actions to rebuild confidence with the investment community [8] - The company is optimistic about its roadmap and strategy, despite longer deal cycles due to platform consolidation opportunities [10][18] - The outlook for Q4 includes a flat ARR quarter-over-quarter, with tightened full-year revenue guidance of $856-$858 million, representing 1%-2% growth [26][27] Other Important Information - The company is transitioning its traditional VM customer base to an integrated exposure management model through Exposure Command [19] - The new Chief Financial Officer, Rafe Brown, is expected to drive operational excellence and scale growth in SaaS businesses [20][48] Q&A Session Summary Question: Economic model of MDR and margin dynamics - Management indicated that MDR operates at higher gross margins than average MDR companies due to investments in automation and AI capabilities [31][32] Question: International vs. domestic growth rates - International revenue is growing faster than the overall business, with a focus on aligning sales processes across regions [33] Question: Pricing pressure in the MDR business - Despite flat ARR per customer growth, management believes they can continue to grow the MDR business profitably and effectively [35][36] Question: Large deal pipeline and Q4 outlook - Management is confident in the large deal pipeline but acknowledges variability in timing and conversion rates [41][42] Question: Leadership changes and priorities for Rafe Brown - Rafe Brown is expected to enhance operational acumen and drive growth through effective pricing and packaging strategies [47][48] Question: Value of traditional VM to SIEM MDR - Management is transitioning from traditional on-premise workloads to more strategic, value-added services, focusing on managed detection and response [51][53] Question: Expectations from Microsoft partnership - The partnership is expected to grow through technology integration and potential go-to-market collaboration [56] Question: Visibility around pipeline and close rates - Management is working on standardizing processes to improve visibility and accuracy in managing larger deal cycles [58] Question: Exposure Command's performance and customer engagement - Exposure Command is showing larger deal sizes and longer deal cycles, with a focus on upgrading existing customers [61][62]

Core Insights - Rapid7, Inc. has launched a local entity and platform instance in the UAE, marking a strategic investment in the region to support digital transformation and cyber resilience goals [1][2][3] - The UAE cybersecurity market is projected to reach $4.51 billion by the end of 2025, highlighting the importance of cybersecurity as a national priority for the UAE government [2] - Rapid7 has achieved DESC certification, meeting rigorous security standards to support government entities and regulated industries in the UAE [2][4][5] Company Commitment - Establishing a local presence in the UAE demonstrates Rapid7's commitment to regional priorities and local data policies, emphasizing data sovereignty as a critical national issue [6] - The company aims to build partnerships with local businesses and governments to enhance the protection of the UAE's digital future [3][6] - Rapid7's investment in dedicated cloud infrastructure allows organizations in the UAE and the Gulf to access its cybersecurity platform [3] Product Offerings - Rapid7 will deliver Exposure Command, an attack surface visibility solution, to help organizations manage vulnerabilities, applications, and cloud security [7] - The company has received recognition as a Leader in the IDC MarketScape: Worldwide Exposure Management 2025 Vendor Assessment and as a Strong Performer in the 2025 Forrester Wave™ for Unified Vulnerability Management [7] - Rapid7's platform offers context-driven visibility, cost-effective risk reduction through automation, and scalable support aligned with regional compliance standards [8] Industry Context - Dubai is recognized as a hub for innovation due to strategic investments in digital infrastructure and supportive government policies, with cybersecurity being a vital component [3] - Rapid7's approach to "Secure the Attack Surface" is designed to support the UAE's digital transformation [8] - The company will participate in GITEX Global 2025, showcasing its commitment to cybersecurity innovation [10]

Core Insights - Rapid7, Inc. has been recognized as a Leader in the IDC MarketScape: Worldwide Exposure Management 2025 Vendor Assessment, highlighting its strong position in the threat detection and exposure management market [1][7] Company Overview - Rapid7 is focused on creating a safer digital world by simplifying cybersecurity and making it more accessible, serving over 11,000 global customers [6] - The company offers a comprehensive security solution that integrates cloud risk management with threat detection and response [6] Product Highlights - The Command Platform, an AI-powered security operations platform, is central to Rapid7's offerings, providing unified solutions for exposure management and threat detection [2][3] - Exposure Command enables organizations to detect and prioritize exposures across hybrid environments, offering full visibility into their attack surface and risk-based vulnerability prioritization [3][4] Market Positioning - The IDC MarketScape report emphasizes the importance of prioritization for security teams, noting that Rapid7 connects visibility, asset classification, and prioritization effectively [4][7] - Rapid7's capabilities include a normalized view of the attack surface, real-world risk prioritization, accelerated remediation, and scalability to complex environments [7]

Summary of Rapid7 (RPD) FY Conference Call - August 12, 2025 Company Overview - **Company**: Rapid7 (RPD) - **Industry**: Cybersecurity and Managed Detection Response (MDR) Key Takeaways Financial Performance and Customer Activity - The company reported solid results with a healthy quarter, indicating stability in the macro environment and strong customer activity [3][4] - There was a concentration of larger deals that had previously been hesitant, showing steady momentum in the pipeline overall [3][4] - The detection response business is a significant growth area, now over $400 million, growing in the mid-teens percentage [6][7] Product Portfolio and Market Position - Rapid7 has shifted from a mid-market player to a key expense for mid to larger enterprises, leading to longer deal cycles with higher Average Selling Prices (ASPs) [4][5] - The detection response business is over half of the company's revenue, with plans to expand into compliance and risk management [7][10] - The company is focusing on integrating AI into its security operations to enhance efficiency and effectiveness [11][20] AI and Automation in Security - AI is seen as a double-edged sword; while it benefits bad actors, it also offers significant productivity gains for security teams [17][20] - Rapid7 is in the early stages of leveraging AI to improve security operations, with tools like incident command to automate and organize investigations [21][24] - The company emphasizes the importance of human oversight in automated processes, advocating for a balanced approach to AI integration [22][24] Managed Services and Gross Margins - Rapid7 has one of the best gross margin profiles in the market, with managed services being critical for resource-light organizations [26][27] - The company believes AI can help improve gross margins over time while addressing increasing security compliance requirements [27][28] - The strategy involves unlocking addressable markets while maintaining healthy gross margins [28][30] Talent Acquisition and Global Presence - The talent market has improved significantly, with Boston being a strong source of skilled professionals [32][34] - Rapid7 is expanding its presence in Pune, India, to tap into a growing talent pool and improve cost structures [53][55] Market Outlook and Guidance - The company is experiencing a dislocation in public market valuations, with a belief that the stock is undervalued based on the performance of its MDR business [45][46] - Rapid7 aims to be the leading managed security AI partner, focusing on scaling security operations while providing high-quality outcomes at reasonable costs [56][57] Future Vision - The long-term vision includes becoming the leading managed security AI partner, enhancing services in detection response, risk management, and compliance [56][57] Additional Insights - The company is adjusting its guidance to reflect the larger deal cycles and ASPs, indicating a cautious but optimistic outlook [39][40] - There is a recognition of the need for a strategic approach to customer engagement, focusing on providing high-value solutions [48][49]

Core Insights - Rapid7, Inc. has launched Active Patching, an automated patching and remediation solution integrated into its Exposure Command platform, aimed at enhancing security and IT teams' ability to mitigate risks across vulnerable assets [1][3]. Group 1: Product Features - Active Patching automates risk remediation and provides continuous, real-time visibility into systems that require patches and those without available fixes, addressing the challenges posed by traditional patching methods [2][4]. - The solution is powered by Automox's Autonomous Endpoint Management platform, allowing teams to prioritize effectively and accelerate response times, resulting in a proactive security posture [3][5]. - Active Patching enhances Exposure Command's capabilities by providing automated patching and remediation, which includes features like automated remediation workflows and unmatched patching coverage across various operating systems [6]. Group 2: Industry Context - The increasing pace at which attackers exploit zero-day vulnerabilities and misconfigurations necessitates modern security solutions that not only identify vulnerabilities but also enable rapid action [2][5]. - The partnership between Rapid7 and Automox aims to reduce risk significantly by enabling customers to transition from identification to remediation in minutes, thus minimizing manual overhead [5][8]. - Automox's platform claims to deliver 65% faster patching and improve security team efficiency by 44% through automated configuration management across multiple operating systems [8].

Financial Data and Key Metrics Changes - Rapid7 ended Q1 2025 with an ARR of $837 million, reflecting a 4% year-over-year growth, which was below expectations [6][22][23] - Revenue for Q1 2025 was $210 million, growing 3% year-over-year and exceeding guided ranges [24][27] - Product revenue increased by 4% year-over-year, while professional services revenue declined due to a strategic shift away from lower-margin engagements [24][25] - Operating income for the quarter was $32 million, above the guided range, with an adjusted EBITDA of $39 million [25][26] Business Line Data and Key Metrics Changes - The detection and response (DNR) business continued to be the core growth driver, representing over half of total ARR and maintaining mid-teens growth [8][10] - The risk and exposure management business faced challenges, with growth deceleration and missed expectations, particularly in traditional vulnerability management offerings [8][9][15] - ARR per customer grew by 2% year-over-year to approximately $72,000, with a total customer base of 11,685, also reflecting a 2% year-over-year increase [22][24] Market Data and Key Metrics Changes - International revenue accounted for 25% of total revenue and grew by 10% year-over-year, indicating strong performance outside the U.S. [24] - The North American mid-market enterprise segment experienced slower deal cycles and tighter budget controls, impacting overall performance [9][10] Company Strategy and Development Direction - The company aims to reaccelerate long-term growth and expand free cash flow, focusing on three strategic pillars: enhancing detection and response capabilities, upgrading the vulnerability management customer base to the exposure management platform, and improving cost structure [7][18][19] - Rapid7 is transitioning from a traditional standalone vulnerability management business to a more integrated risk and exposure management approach, which is expected to stabilize performance [15][16] Management's Comments on Operating Environment and Future Outlook - Management noted a more challenging macro environment than anticipated, with customers becoming increasingly cautious about investments and extended deal cycles becoming common [9][10] - The company adjusted its ARR guidance for the full year 2025 to a range of $850 million to $880 million, reflecting slower growth expectations [27][28] - Despite the cautious environment, management remains confident in the DNR business and its ability to drive growth, while also focusing on stabilizing the risk and exposure management segment [18][19] Other Important Information - The company fully repaid the remaining balance of its 2025 convertible notes, simplifying its capital structure [26] - Free cash flow for the quarter was $25 million, indicating strong operational discipline [26] Q&A Session Summary Question: Why is the upgrade cycle on Exposure Command taking longer than expected? - Management indicated that complexity in customer environments and budget constraints are primary factors affecting the upgrade cycle [34][35] Question: What needs to happen to reaccelerate ARR growth? - Management highlighted strong demand for DNR and the need to successfully upgrade the installed base as key drivers for reacceleration [41][43] Question: What is the timeline for stabilization in the risk and exposure management business? - Management expects moderate stabilization over the course of the year, with reacceleration anticipated moving forward [48][49] Question: Are there resilient customer segments amidst macro pressures? - Management noted that highly regulated industries and larger customers tend to be more resilient, while sectors like healthcare and education are experiencing more pressure [55][59] Question: How is the company addressing competition in the vulnerability management space? - Management emphasized the importance of upgrading the install base to integrated solutions to maintain competitiveness and customer retention [75][76] Question: What is the outlook for the DNR business independent of the VM dynamics? - Management expressed confidence in the DNR business's growth potential, citing strong demand and opportunities for new customer acquisition [83][84]

Financial Data and Key Metrics Changes - Rapid7 ended Q1 2025 with an ARR of $837 million, reflecting a 4% year-over-year growth, which was below expectations [5][20][21] - Revenue for Q1 was $210 million, growing 3% year-over-year and exceeding guided ranges [22][24] - Operating income for the quarter was $32 million, above the guided range due to timing of certain expenses [23][24] - Free cash flow for the quarter was $25 million, indicating strong operational discipline [24] Business Line Data and Key Metrics Changes - Detection and Response (DNR) business continued to be the core growth driver, representing over half of total ARR and maintaining mid-teens growth [7][9][10] - Risk and Exposure Management business faced challenges, with growth deceleration and negative performance in traditional vulnerability management offerings [7][13][21] - ARR per customer grew 2% year-over-year to approximately $72,000, with a total customer base of 11,685, also reflecting a 2% year-over-year increase [21][22] Market Data and Key Metrics Changes - International revenue represented 25% of total revenue and grew 10% year-over-year, indicating strong performance outside the U.S. [22] - The North American mid-market enterprise segment experienced slower deal cycles and tighter budget controls, impacting overall performance [8][9] Company Strategy and Development Direction - The company is focused on three strategic pillars: enhancing detection and response capabilities, upgrading vulnerability management customers to the exposure management platform, and improving cost structure [6][16] - Investments in innovation and operational efficiency are expected to drive future growth, particularly through the new operations center in India [6][10][16] Management's Comments on Operating Environment and Future Outlook - Management noted a more challenging macro environment than anticipated, with customers becoming cautious about investments and extending deal cycles [8][9][16] - The company adjusted its ARR guidance for 2025 to a range of $850 million to $880 million, reflecting increased budgetary uncertainty [25][26] - Despite challenges, management remains confident in the long-term growth strategy and the resilience of the DNR business [16][26] Other Important Information - The company fully repaid the remaining balance of its 2025 convertible notes, simplifying its capital structure [24] - New board members were welcomed, bringing expertise to support growth and industry leadership [18] Q&A Session Summary Question: Why is the upgrade cycle on Exposure Command taking longer than expected? - Management indicated that complexity in customer environments and budget constraints are primary factors affecting the upgrade cycle [30][32][33] Question: What needs to happen to reaccelerate ARR growth? - Management highlighted strong demand for DNR and the need to successfully upgrade the installed base as key drivers for reacceleration [39][42][44] Question: What is the timeline for stabilization in the risk and exposure management business? - Management expects moderate stabilization over the course of the year, with reacceleration anticipated moving forward [48][50] Question: Are there resilient customer segments amidst macro pressures? - Management noted that highly regulated industries and larger customers tend to be more resilient, while sectors like healthcare and education are experiencing pressure [56][60] Question: How is the company addressing competition in the cloud security market? - Management emphasized a focus on upgrading the existing install base rather than aggressive spending to acquire new customers, aiming for efficient growth [108][110][112]

Financial Data and Key Metrics Changes - Rapid7 ended 2024 with $840 million in ARR, growing 4% year over year [6][22] - Full year revenue reached $844 million, a 9% increase from the previous year, exceeding guidance [24] - Operating income was $164 million, representing a 19% operating margin, an expansion of over 600 basis points from the prior year [24] - Free cash flow for the year was $154 million, with a free cash flow margin of 18%, an increase of over 800 basis points from the prior year [25] Business Line Data and Key Metrics Changes - The Detection and Response (DNR) business generated over $400 million in ARR, with managed DNR growing in the mid-teens [7][14] - The risk and exposure management business showed over 20% year-over-year growth in pipeline generation during Q4 [7] - ARR per customer grew 2% year over year to approximately $72,000 [23] Market Data and Key Metrics Changes - International revenue grew 14% year over year, accounting for 25% of total revenue, while North America grew 3% and made up 75% of the mix [26] - The total customer base increased by 2% year over year, ending 2024 with over 11,700 customers globally [23] Company Strategy and Development Direction - The company is focusing on innovation in its detection and response offerings, expanding coverage and leveraging AI capabilities [8][10] - Rapid7 is scaling its partner ecosystem, with 80% to 90% of new ARR booked through the channel [8] - The launch of Exposure Command is seen as a significant milestone, validating the integrated approach to attack surface management [9][16] Management's Comments on Operating Environment and Future Outlook - Management expressed confidence in the foundational work completed in 2024, positioning the company for more consistent execution and sustainable growth [10][12] - The company expects ARR growth of 4% to 6% in 2025, primarily driven by the DNR business [18][29] - Management acknowledged the competitive landscape but emphasized the strategic value of their integrated security operations platform [10][90] Other Important Information - The company plans to reinvest up to $30 million into strategic growth initiatives, including expanding MDR service capabilities and establishing an innovation center in India [20][30] - An Analyst Day is planned for later in the year to provide deeper insights into the business and strategy [21] Q&A Session Summary Question: Clarification on ARR for Detection and Response - Management confirmed that the DNR business is growing in the mid-teens, with the remainder of ARR being a mix of cloud VM and legacy products [34][35] Question: Margin Outlook for Managed DNR - Management indicated that overall product gross margins will remain stable in the mid-seventies, but managed services will have lower gross margins due to labor components [39] Question: Competitive Landscape in Cloud Security - Management highlighted the focus on integrated exposure management to reduce complexity for customers, targeting a broader market [46][47] Question: Confidence in Net New ARR Growth - Management expressed confidence in the pipeline and early conversion rates, expecting improvements in net new ARR throughout the year [74][76] Question: Churn and Downsell Pressure in VM - Management noted that churn in the VM segment is stabilizing, with expectations for improved retention as customers transition to more integrated products [98][99] Question: Strategic Options for Declining ARR - Management is considering all options for the declining ARR segment, focusing on customer pain points and the complexity of managing risk [104][105]