Rapid7 introduces runtime validation in Exposure Command

Rapid7, Inc. described new cloud security capabilities within Exposure Command, focusing on runtime validation and Data Security Posture Management (DSPM) for how exploitable risk is identified and prioritized. The change matters for enterprise security teams that operate across hybrid environments and need visibility into what is actively exploitable, not only what assessments flag.

In the company’s description, the approach moved Exposure Command from continuous assessment to continuous validation. Runtime validation determines which vulnerabilities and misconfigurations are actively exploitable, while DSPM provides context by mapping sensitive data and identity access to real-world attack paths that increase risk.

Rapid7 said the capabilities include continuous visibility at runtime, which analyzes live cloud workloads and validates vulnerabilities and misconfigurations that are actively exploitable. It also said eBPF-based sensors and AI-to-baseline application behavior correlate runtime signals with posture findings and business context. For AI-driven workloads, Rapid7 described continuous monitoring of Artificial Intelligence (AI) agents to validate which exposures are active across AI workloads.

The company also outlined automated cloud incident response, including initiating automated remediation actions once a threat is detected and validated, with steps that may pause, quarantine, or kill processes to reduce blast radius. It further described data aware risk prioritization that aligns sensitive data intelligence with attacker reachability to discover and classify sensitive data and map identity access across cloud, Software-as-a-Service (SaaS), and hybrid environments. Craig Adams, chief product officer at Rapid7, said, “True cloud risk happens at the intersection of vulnerabilities, identities, and sensitive data in production,” and “By embedding runtime validation and data context into Exposure Command, we enable security teams to identify the exposures that pose the greatest risk and prioritize remediation earlier, strengthening resilience before those risks translate into breach impact.” Rapid7 planned to demonstrate the capabilities at the RSAC 2026 Conference in San Francisco, March 23-26, booth #S-3201.