Rapid7 has introduced new cloud security capabilities to its Exposure Command platform, adding runtime validation and Data Security Posture Management (DSPM) to help organisations identify and prioritise exploitable risks based on real-world attacks.
Rapid7 said the enhancements move Exposure Command beyond continuous assessment towards continuous validation, enabling security teams to determine which vulnerabilities and misconfigurations are actually exploitable in live environments.
The addition of DSPM provides further context by mapping sensitive data and identity access to potential attack paths, helping teams assess risk based on business impact rather than severity scores alone.
“True cloud risk happens at the intersection of vulnerabilities, identities and sensitive data in production,” Craig Adams, chief product officer at Rapid7, said in a statement.
“By embedding runtime validation and data context into Exposure Command, we enable security teams to identify the exposures that pose the greatest risk and prioritise remediation earlier, strengthening resilience before those risks translate into breach impact.”
The new capabilities include continuous visibility into live cloud workloads, allowing organisations to analyse runtime behaviour and validate whether identified weaknesses are actively exploitable. The platform uses eBPF-based sensors and AI-driven behavioural baselining to correlate runtime signals with existing posture data and business context.
Rapid7 has also extended monitoring to AI-driven workloads, enabling organisations to detect anomalies and validate active exposures in increasingly complex environments where traditional static analysis can fall short.
Automated incident response features have been added to allow security teams to take immediate action once threats are validated, including isolating or terminating processes to limit potential impact.
The DSPM component introduces data-aware risk prioritisation by continuously discovering and classifying sensitive data, while mapping identity access across cloud, SaaS and hybrid environments. This allows organisations to determine whether critical data is realistically reachable through attack paths, enabling more targeted remediation strategies.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.