Latest features designed to protect sensitive data across multi-cloud environments, drive effective prioritisation and accelerated remediation of exposures with AI-driven risk scoring and integrated asset context

Rapid7, a leader in extended risk and threat detection, today announced new innovations to its Exposure Management offering. These latest features further enhance the Rapid7 Command Platform, delivering unmatched attack surface visibility and unparalleled context. With this expanded offering, organisations now have continuous visibility into sensitive data stored across their multi-cloud environments paired with the context they need to prioritise and remediate exposures effectively.

As organisations increasingly need to track who has access to sensitive data, ensure it is adequately protected, and verify compliance with evolving privacy regulations, the ability to discover and protect this data from endpoint to cloud has become table stakes. These new innovations within Rapid7’s Exposure Management weave sensitive data insights into an AI-driven risk scoring and prioritisation model, enabling security teams to track the data as it relates to assets across locations, ownership, access controls, and posture statuses. In addition, the updates include enhancements to Remediation Hub, enabling risk-based exposure management by aligning risk severity, asset context, reachability, and exploitability together with recommended remediations. This provides security teams enhanced asset context at the time of remediation and removes the need for analysts to navigate across the platform to eliminate exposures.

“Security teams today need more than just visibility—they need it paired with unparalleled context and control for maximum efficiency,” said Craig Adams, chief product officer at Rapid7. “That’s exactly what we’re delivering with these latest innovations. By integrating sensitive data insights, AI-driven prioritisation, and embedded remediation guidance, we’re ensuring that organisations can proactively reduce risk, expedite response times, and gain deeper visibility into their attack surface.”

These new innovations to Exposure Command provide organisations with the ability to:

• Discover and Protect of Sensitive Data Across Multi-Cloud Environments: By integrating with Cloud Service Provider (CSP) security services like AWS Macie, GCP DLP, and Microsoft Defender, along with Infrastructure-as-Code (IaC) tagging, teams can classify and secure sensitive data from the start—eliminating manual processes and improving data hygiene. These insights feed directly into Layered Context and Attack Path Analysis, ensuring security teams can prioritise exposures that put sensitive information at risk.
• Prioritise Exposures with AI-Generated Vulnerability Scoring: The rapid growth of vulnerabilities has outpaced vendors and agencies like NIST and NVD, leaving security teams without timely CVSS scores to assess severity. To bridge this gap, Rapid7 AI-driven CVSS scoring uses advanced machine learning to analyse vulnerability data, generate intelligence-driven scores, and enhance accuracy of Active Risk scoring—helping teams cut through the noise and prioritise exposures with confidence.
• Speed Up Exposure Remediation with Integrated Asset Context: The expanded Surface Command and Remediation Hub embeds remediation guidance directly within asset inventory and asset detail pages, eliminating platform switching and streamlining risk mitigation. This deeper integration accelerates mean-time-to-remediate (MTTR), enriches asset context with third-party security and ITOps insights, and enhances collaboration by providing stakeholders with the contextual intelligence needed for faster, more informed decision-making.

To learn more about Rapid7’s Command Platform or to request a demo, visit https://www.rapid7.com/products/command/request-demo/.