We are delighted to announce Rapid7 launched a new Amazon Web Service (AWS) cloud region in India with the API name ap-south-2.

This follows an announcement in March 2025, when Rapid7 announced plans for expansion in India, including the opening of a new Global Capability Center (GCC) in Pune to serve as an innovation hub and Security Operations Center (SOC).

The GCC opened in April 2025, quickly followed by dedicated events in the country, to demonstrate our commitment to our partners and customers in the region. Three Security Day events took place in May, in Mumbai, Delhi, and Bangalore. These events brought together key stakeholders from the world of commerce, academia, and government to explore our advancements in Continuous Threat Exposure Management (CTEM) and Managed Extended Detection and Response (MXDR).

“Expanding into India is a critical step in accelerating Rapid7’s investments in security operations leadership and customer-centric innovation,” said Corey Thomas, chairman and CEO of Rapid7. “Innovation thrives when multi-dimensional teams come together to solve complex challenges, and this new hub strengthens our ability to deliver the most adaptive, predictive, and responsive cybersecurity solutions to customers worldwide. Establishing a security operations center in Pune also enhances our ability to scale threat detection and response globally while connecting the exceptional technical talent in the region to impactful career opportunities. We are excited to grow a world-class team in India that will play a pivotal role in shaping the future of cybersecurity.”

Rapid7 expands to 8 AWS platform regions

Today, Rapid7 operates in eight platform regions (us-east-1, us-east-2, us-west-1, ap-northeast-1, ap-southeast-2, ca-central-1, eu-central-1, govcloud).

These regions allow our customers to meet their data sovereignty requirements by choosing where their sensitive security data is hosted. We have extended this capability to ap-south-2 and me-central-1 to process additional data and serve more customers with region requirements we have not previously been able to meet.

What this means for Rapid7 customers in India

This gives our customers in India the ability to access and store data in the India region for our Exposure Management product family.

⠀

⠀

Exposure Command combines complete attack surface visibility with high-fidelity risk context and insight into your organization’s security posture, aggregating findings from both Rapid7’s native exposure detection capabilities – as well as third-party exposure and enrichment sources you’ve already got in place – allowing you to:

• Extend risk coverage to cloud environments with real-time agentless assessment

• Zero-in on exposures and vulnerabilities with threat-aware risk context

• Continuously assess your attack surface, validate exposures, and receive actionable remediation guidance

• Efficiently operationalize your exposure management program and automate enforcement of security and compliance policies with native, no-code automation

Learn more about Exposure Command.

⠀

Figure 1: Exposure Command Remediation Hub

Cybersecurity is a team sport

In cybersecurity, no one fights alone. Defending against modern threats requires seamless collaboration, real-time intelligence, and precision execution—just like a well-coordinated sports team. That’s why Rapid7 Labs and our Vector Command team work together to stay ahead of adversaries, ensuring security teams have the insights and capabilities needed to respond effectively. While Rapid7 Labs uncovers emerging threats and delivers cutting-edge research, Vector Command puts that intelligence to work—validating response strategies, optimizing defenses, and ensuring organizations are ready when it matters most. Because in cybersecurity, the best defense is a well-prepared team.

What is an Emergent Threat Response?

Rapid7’s Emergent Threat Response (ETR) program from Rapid7 Labs delivers fast, expert analysis and first-rate security content for the highest-priority security threats to help both Rapid7 customers and the greater security community understand their exposure and act quickly to defend their networks against rising threats.

The Rapid7 Command Platform displays any emergent threats on our homepage, at the top of the screen, easily visible once you have logged in. Our expert researchers include a blog post to accompany each emergent threat.

We also notify all Managed Service customers after discovering new Common Vulnerabilities and Exposures (CVEs). This notification includes known information about the CVE, steps to protect your environment and updates on Rapid7’s response.

Why is ETR critical?

Emergent threat response validation is critical because cyber threats evolve at a relentless pace, often outpacing traditional security measures. Without continuous testing and refinement, even the most advanced security tools can fall short when faced with real-world attacks. By proactively validating threat response strategies, organizations can identify gaps, fine-tune automation, and ensure that security teams are ready to act with speed and precision. This not only minimizes downtime and damage but also strengthens overall resilience, enabling businesses to stay ahead of adversaries rather than scrambling to react after an incident has already occurred. In today’s threat landscape, preparedness isn’t optional—it’s the difference between containment and catastrophe.

How can Vector Command help?

This is the value of an always-on, managed red team service. We continuously test your defenses against the latest ETRs, to see if we can breach your network before threat actors do. If we’re successful, we’ll show you how—and provide actionable remediation guidance.

We’d love to highlight the many organizations that have benefited from this capability with Vector Command, however, we respect their privacy.

One example we can share: a global professional services firm adopted Vector Command for this exact use case. As a frequent target of advanced persistent threats, their security team recognized the value of proactive testing of their resilience.

DORA compliance was also a key driver for this client, given their customer footprint in the EU and the requirement to have reporting. DORA compliance reports demonstrate how financial entities meet regulatory expectations around ICT risk management, incident handling, and third-party oversight—ensuring operational resilience.

With Vector Command, we deliver ongoing external network penetration testing. For some customers, this alone is enough to demonstrate to auditors that they are actively validating their defenses in alignment with DORA.

CTEM and Validation

The leading industry analyst, Gartner®, has said, “security operations managers should go beyond vulnerability management and build a continuous threat exposure management program to more effectively scope and remediate exposures”.

Threat exposure management involves identifying, assessing, and mitigating exposures within an organization's digital environment. CTEM has emerged as a dynamic program designed to help teams manage their expanding attack surface and maintain a consistent, actionable security posture.

The fourth phase of CTEM is the validation phase and this is where always on red teaming, like Vector Command becomes essential.

Rapid7 also supports the second, third and fifth phases of CTEM through our Exposure Command and Exposure Command Advanced, both launched in August 2024.

Take command of your attack surface

This is the fourth post in our deep dive blog series exploring key capabilities of Vector Command. We hope you’ve found it valuable—and if you have feedback or questions, we’d love to hear from you.

Rapid7 brings together world-class expertise -  from our Labs researchers and red teamers to the superstars who work across our multiple SOC’s.

If you missed our most recent virtual Take Command 2025 summit, the session, “Outpacing the adversary: Red teaming in a complex threat landscape” is still available on demand. You’ll hear firsthand from industry expert, Will Hunt and Rapid7 principal security consultant, Aaron Herndon.

We’ve also created a self-guided product tour for Vector Command—available anytime for a hands-on look at the platform.

Vector Command: Request Demo ▶︎

Ready to see how continuous red team managed services can ensure your potential attack pathways are remediated before they can ever be exploited?

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner, “How to Grow Vulnerability Management Into Exposure Management”, November 2024 (For Gartner subscribers only)