Sold by: Rapid7
Deployed on AWS
The Rapid7 Command Platform is a command center that gives you a holistic view of your security program. The central hub of your Rapid7 experience, the Command Platform brings your ecosystem of Rapid7 tools and capabilities into a single place to give you a trustworthy view into your attack surface, your risk posture, your threat response, and your whole security program.
4.3
Overview
Rapid7s AI-powered Command Platform aggregates data from across your security ecosystem to provide a comprehensive, actionable view of your critical telemetry. With the Command Platform, you have threat- aware risk context to anticipate and prevent breaches, actionable detections and insights to pinpoint the most critical threats across your environment, and expert intelligence from our security experts, enabling you to take action confidently every time all within a single, consolidated platform bringing your team tangible value.
Threat-aware Exposure Management
Attack surface management - Surface Command breaks down data silos by aggregating comprehensive attack surface visibility across hybrid environments, along with external attack surface scans, to build a dynamic, 360-degree view of your entire attack surface in.
Vulnerability management - Vulnerability management delivers complete visibility across on-premise and remote endpoints to help teams identify, communicate, and remediate vulnerabilities, misconfigurations, and other risks across the business.
Cloud security - Cloud security provides code-to-cloud protection for cloud-native applications and workloads with seamless integration into the CI/CD pipeline, along with real-time, agentless risk assessment and prioritization based on reachability, exploitability and potential impact.
Exposure management - Exposure Command builds on the comprehensive attack surface visibility of Surface Command with high-fidelity risk context and insight into security posture of your entire digital estate, aggregating findings from Rapid7 native exposure assessment capabilities alongside data from all your third-party security tooling and enrichment sources. This enables security teams to understand and prioritize exposure from the endpoint to the cloud.
Application Security - Application security provides dynamic security testing to automatically assess web apps and APIs for vulnerabilities using an industry-leading attack framework and library, providing accurate and actionable remediation guidance to developers
Cloud-ready Detection and Response
Next-gen SIEM and XDR - Next-Gen SIEM delivers highly efficient, accelerated detection and response with frictionless SaaS deployment, a highly intuitive interface, robust out-of-the-box detections informed by our MDR SOC, and actionable built-in automation.
Digital Risk Protection - Digital Risk Protection anticipates and prevents breaches with visibility of the external attack surface through clear, deep, and dark web monitoring, credential and data leakage,protection against phishing attempts, and more.
Automation - Automation enables your team to accelerate and streamline time-intensive processes - with no code necessary. With plugins and customizable workflows, your team can accelerate detection and response, automate vulnerability management tasks, phishing investigations, and overall collaboration.
Threat Intelligence - Intelligence hub delivers high fidelity, actionable threat intelligence with significantly less noise than traditional Threat Intelligence Platforms. Infused with intelligence from Rapid7 Labs proprietary threat and vulnerability research and community- driven tools, your team can easily focus on the most meaningful risk signals and take high priority actions to stay ahead of critical threats most relevant to your organization.
Highlights
- End alert fatigue - with prioritized threats that provide more signal and less noise.
- Disrupt attackers, not your tech stack - as you seamlessly integrate and quickly deploy across any footprint.
- Start anywhere - scale anytime from one product up to the whole platform. Managed or SaaS, we're here for your evolving needs.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Command Platform | Contact us for a custom quote. | $10,000.00 |
Vendor refund policy
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Rapid7
By Qualys
By Tenable, Inc.
Top
10
In Vulnerability and Patch Management, Data Governance
Top
10
In Industrial IoT, Application Servers
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Attack Surface Management
Aggregates comprehensive attack surface visibility across hybrid environments with external attack surface scans to provide 360-degree view of entire attack surface
Vulnerability Management
Delivers complete visibility across on-premise and remote endpoints to identify, communicate, and remediate vulnerabilities, misconfigurations, and risks
Cloud Security
Provides code-to-cloud protection for cloud-native applications with seamless CI/CD pipeline integration and agentless risk assessment based on reachability, exploitability, and potential impact
Next-Generation SIEM and XDR
Delivers accelerated detection and response with SaaS deployment, intuitive interface, out-of-the-box detections informed by MDR SOC, and built-in automation capabilities
Threat Intelligence
Delivers high-fidelity actionable threat intelligence infused with proprietary threat and vulnerability research from Rapid7 Labs and community-driven tools
Cloud-Based Vulnerability Management Platform
Single cloud-based application that integrates discovery, assessment, detection, and response capabilities for vulnerability management
Real-Time Prioritization
Real-time prioritization of vulnerabilities across global hybrid IT environments
AWS EC2 Integration
Pre-approved scanner for AWS EC2 Cloud with AWS EC2 Cloud Connector for seamless integration
Cloud Context-Aware Scanning
Cloud context aware scanning providing end-to-end visibility from inventory to remediation
Comprehensive Asset Discovery and Assessment
Discovers and assesses assets across hybrid IT environments with comprehensive coverage and visibility
Vulnerability Detection Coverage
Supports detection of more than 76,000 vulnerabilities and 186,000 plugins with comprehensive CVE and security configuration support
Risk-Based Prioritization
Predicts which security issues to remediate first using risk-based scoring and built-in compliance profiles
Agentless Cloud Assessment
Enables continuous discovery and assessment of EC2 instances for vulnerabilities without requiring agent installation, credential management, or manual scan configuration
Asset-Based Elastic Licensing
Implements asset-based licensing model that eliminates duplicate counting of assets with multiple IP addresses
Standard contract
No
No
No
Customer reviews
bc@team-consulting.com C.
Easy Log Search Across Our Estate with Clear, Understandable Alerts
Reviewed on Jan 28, 2026
Review provided by G2
What do you like best about the product?
It allows us to view and search the log sets generated across our estate with ease, and it produces clear, easy-to-understand alerts based on them.
What do you dislike about the product?
Honestly, there’s nothing to dislike. It really lifted the lid on our environments and helped us see what was going on more clearly.
What problems is the product solving and how is that benefiting you?
It’s been really helpful to be able to easily view and manage our various logs, and to have meaningful alerts generated from them.
BENOIT C.
Seamless UEBA Integration for Advanced Threat Detection
Reviewed on Jan 13, 2026
Review provided by G2
What do you like best about the product?
I highly value its seamless integration of UEBA and deception tools to detect lateral movement across the network.
What do you dislike about the product?
The platform lacks deep customization for complex correlation rules and can become quite expensive as log volume increases.
What problems is the product solving and how is that benefiting you?
It solves the problem of alert fatigue by unifying disparate logs into clear, actionable attack timelines for faster response.
Joevanne V.
Easiest SIEM Implementation with Transparent Pricing
Reviewed on Jan 06, 2026
Review provided by G2
What do you like best about the product?
In my experience, this is the easiest SIEM tool to implement. Another advantage is that, unlike many competitors, its pricing is not based on log ingestion. It has many pre-built integrations making it very easy to integrate with many 3rd party tools.
What do you dislike about the product?
This tool may feel somewhat limited when compared to some of the larger competitors in the industry.
What problems is the product solving and how is that benefiting you?
SIEM and managed detection and response have been advantageous for us, as they enable the collection of all necessary logs within our environment. This has removed our worries about costs or exceeding our log licensing limits.
SohailHyder
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
Reviewed on Nov 05, 2025
Review provided by PeerSpot
What is our primary use case?
I am working with Rapid7 InsightOps and Rapid7 InsightIDR because the requirement is as such from the customer side, particularly the banks. Whatever the requirement is, these are the products that we are working with.
I usually recommend Rapid7 InsightIDR for banks because that is the bigger chunk here who do business in cybersecurity or whose requirement is that compliance requirements need to be filled by certain products, which Rapid7 InsightIDR is one of them.
What is most valuable?
UEBA is an important element these days, but usually the requirement is for threat detection, investigation, and response. This is what Rapid7 InsightIDR provides.
Banks typically go for threat detection, investigation, and response capabilities. End-user entity and behavior analysis, or UEBA , is certainly an important addition if we provide the solution along with UEBA. It provides that and this is something that the customer cannot ignore because they want to have a 360-degree coverage of their emails or for their users and what they are doing. This is definitely their requirement.
What needs improvement?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm , it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm . If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled.
Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.
For how long have I used the solution?
It has been about four to five years now that we have been working with Rapid7. Whatever the products, they were all related to vulnerability tools that we have been working with. It has been a journey of about five years with Rapid7.
What other advice do I have?
Rapid7 InsightIDR is budget-friendly and has a good market position because not everybody can afford to go for LogRhythm or Splunk or QRadar. It is good for a middle-tier organization. In that market, there is competition now.
I do not recommend Rapid7 InsightIDR for bigger companies because they trust these big brands such as QRadar or LogRhythm. The general perception is that these are the solutions for big organizations having hundreds of branches or more. Rapid7 InsightIDR fits in the middle tier.
The integration of Rapid7 InsightIDR with the security stack works fine because the systems in this part of the world are not so much cloud-driven. They have something around 20% or 30% of services running from the cloud. The rest are usually on-premises. Office 365 is one service that they get from the cloud. Networking typically includes Cisco and Fortinet in their networks. For endpoints, the operating system is usually Windows or Linux, not Mac in an enterprise environment. Windows and Linux can be easily integrated with this solution.
The dashboard functionalities of Rapid7 InsightIDR are usually about customer-friendliness. Customers want to have some rich enrichment of the analysis or the ticket alerts or the events that come out with some processing behind the scenes. They feel that it is a more rapid or more intense process at Splunk or LogRhythm or QRadar compared to Rapid7 InsightIDR.
For automated threat intelligence features, customers usually go for a full SOAR solution. They want to have playbooks and everything to run. Although Rapid7 InsightIDR does claim that it has integrated SOAR , called InsightConnect, this is not as advanced as a dedicated SOAR solution. LogRhythm solutions or Splunk solution or Sumo Logic solution are doing business here as well. These are considered more rich in features compared to Rapid7 InsightIDR.
I rate Rapid7 InsightIDR between a six and seven out of ten.
Financial Services
IDR situation
Reviewed on Aug 06, 2025
Review provided by G2
What do you like best about the product?
It maps detections to MITRE ATT&CK, which helps a lot during investigations. So it makes the processes faster
What do you dislike about the product?
It's too limited. It's becomes difficult to create alerts and set up pattern based alerts do to the timing
What problems is the product solving and how is that benefiting you?
It gives us full visibility across endpoints, cloud apps, and logs. All in one place, and once