Rapid7 enhances Exposure Command with runtime validation and DSPM for risk analysis

Rapid7 has unveiled new cloud security capabilities within Exposure Command. The introduction of runtime validation and Data Security Posture Management (DSPM) enables organizations to identify, validate, and prioritize exploitable risks based on real-world attack paths and business impact.

As organizations scale hybrid and multi-cloud environments, security programs must move beyond reactive models built on assessment alone. With runtime validation and DSPM, Rapid7 advances Exposure Command from continuous assessment to continuous validation, enabling proactive exposure reduction across hybrid environments.

Runtime validation determines which vulnerabilities and misconfigurations are actively exploitable, while DSPM provides critical context by mapping sensitive data and identity access to real-world attack paths that increase risk.

“True cloud risk happens at the intersection of vulnerabilities, identities, and sensitive data in production,” said Craig Adams, chief product officer at Rapid7. “By embedding runtime validation and data context into Exposure Command, we enable security teams to identify the exposures that pose the greatest risk and prioritize remediation earlier, strengthening resilience before those risks translate into breach impact.”

Rapid7’s new cloud security capabilities in Exposure Command include:

• Continuous visibility at runtime: Analyze live cloud workloads and validate which vulnerabilities and misconfigurations are actively exploitable. Leveraging eBPF-based sensors and AI-to-baseline application behavior, the solution correlates runtime signals with posture findings and business context.
• Continuous monitoring of AI-driven workloads: Detect and neutralize deviations in highly complex, unpredictable cloud environments by continuously monitoring AI agents. Going beyond static vulnerability scoring, this validates which exposures are active across AI workloads.
• Automated cloud incident response: Initiate automated remediation actions once a threat is detected and validated. Steps include pausing, quarantining, or killing processes to neutralize and reduce the blast radius of any attack.
• Data aware risk prioritization: Align sensitive data intelligence with attacker reachability to continuously discover and classify sensitive data and map identity access across cloud, SaaS, and hybrid environments. This shows whether high-value data is realistically reachable through real-world attack paths, enabling remediation decisions based on breach impact rather than vulnerability severity alone.

Together, runtime validation and DSPM enhance Exposure Command’s ability to identify and prioritize exploitable risk, enabling organizations to continuously detect and remediate active exposures before they become legitimate threats.