Rapid7 Achieves FedRAMP® Authorization for Its InsightGovCloud Platform

BOSTON - October 1, 2025 - Rapid7, Inc., (NASDAQ: RPD), a leader in extended risk and threat detection, today announced that its InsightGovCloud Platform has achieved FedRAMP^® Authority to Operate (ATO), solidifying its position as a trusted Cloud Service Offering (CSO) for U.S. Federal agencies. This milestone underscores Rapid7's commitment to enabling secure cloud adoption for Public Sector organizations by meeting the rigorous security standards required by the Federal Risk and Authorization Management Program (FedRAMP^®).

The FedRAMP Authorization validates the security of Rapid7's cloud-based platform and affirms its readiness to support Federal agencies in managing their evolving cybersecurity needs. With this achievement, Rapid7's approved solutions can now be deployed across a wide range of Government environments to deliver proactive threat exposure management and automated response capabilities at scale across hybrid cloud and on-premises environments.

"For Federal agencies navigating increasingly complex and constantly evolving security environments, working with a security platform that meets the highest standards of security, reliability and compliance is critical," said Pete Rubio, Senior Vice President, Platform and Engineering at Rapid7. "Rapid7 is uniquely positioned to meet this need, delivering the automation, visibility and context to help Federal agencies reduce risk and accelerate remediation across their environments."

"Achieving this authorization marks a meaningful commitment to the Federal agencies we support," said Damon Cabanillas, Public Sector Vice President of Sales at Rapid7. "We look forward to building deeper partnerships with security teams across the sector by delivering a comprehensive security platform that protects assets from endpoint to cloud and empowers agencies to proactively manage risk, accelerate response and strengthen resilience across their entire attack surface."

The Rapid7 InsightGovCloud Platform includes a suite of vulnerability management, CNAPP and SOAR solutions within the FedRAMP authorization boundary. These tools empower Federal agencies to assess their attack surface, detect and prioritize threats and automate response workflow, all from a centralized interface that delivers clarity and control.

With Rapid7's newly approved solution, Federal agencies can benefit from:

• Dynamic Asset Discovery and Attack Surface Visibility: Identify and close critical vulnerabilities across the entire IT ecosystem with a single agent and agentless scanning options supported by a unified vulnerability database ensuring nothing is missed or overlooked.
• Threat-Aware Hybrid Vulnerability Prioritization at Scale: Focus on what matters most with Rapid7's threat-enriched risk scoring model, integrating real-world threat context, business impact, attractiveness and attacker behavior to surface the most actionable risks from endpoint to cloud.
• Real-time cloud security and posture assessment: Gain continuous real-time visibility across all cloud workloads and enforce security posture at scale, reducing misconfigurations and audit prep time across cloud platforms and Kubernetes.
• Streamlined Collaboration and Accelerated Remediation Operations: Bridge the gap between security and IT teams with hundreds of built-in integrations, automated remediation workflows and project tracking to accelerate risk reduction with actionable guidance delivered directly to preferred ITOps tools.

"By securing the FedRAMP ATO, Rapid7 ensures Government agencies have access to critical security management tools and solutions that meet rigorous compliance standards," said Alex Whitworth, Cybersecurity Solutions Vertical Executive at Carahsoft. "Carahsoft and its reseller partners are pleased to offer Rapid7's InsightGovCloud platform to the Public Sector to enhance protections and minimize vulnerability risks."

Rapid7's existing certifications include SOC2 Type 2, ISO 27001, TX-RAMP, IRAP, EU-U.S. Data Privacy Framework and CE+. The company's FedRAMP Authorized status adds to this robust portfolio and strengthens its ability to serve Public Sector customers with confidence.

Rapid7's solutions are available through Carahsoft's GSA Schedule No. 47QSWA18D008F, SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042, NASPO ValuePoint Master Agreement #AR2472, OMNIA Partners Contract #R240303, E&I Contract #EI00063~2021MA and The Quilt Master Service Agreement Number MSA05012019-F. For more information, contact the Carahsoft Team at (888) 662-2724 or [email protected]. Explore Rapid7's solutions here.

To learn more about Rapid7's Command Platform, visit https://www.rapid7.com/platform/.

To view the FedRAMP In Process Marketplace listing for InsightGovCloud, visit https://marketplace.fedramp.gov/products/FR2422240916

About Rapid7
Rapid7, Inc. (NASDAQ: RPD) is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7's comprehensive security solutions help more than 11,000 global customers unite cloud risk management with threat detection and response to reduce attack surfaces and eliminate threats with speed and precision.

X.

About Carahsoft
Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider^®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator^® for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Visit us at www.carahsoft.com.

Contact
Mary Lange
(703) 230-7434
[email protected]