Rapid7 at Canaccord Genuity’s Growth Conference: AI-Driven Security Focus

On Tuesday, 12 August 2025, Rapid7 (NASDAQ:RPD) presented at Canaccord Genuity’s 45th Annual Growth Conference, offering insights into its strategic direction amidst a challenging macroeconomic environment. While emphasizing its Managed Detection and Response (MDR) business’s strength, Rapid7 acknowledged the hurdles of longer sales cycles and market dislocation. The company outlined its commitment to AI-driven security solutions to enhance efficiency and customer outcomes.

Key Takeaways

• Rapid7’s MDR business generates over $400 million, accounting for more than half of its revenue.
• The company is focusing on larger, strategic deals with extended sales cycles.
• AI integration is central to Rapid7’s strategy, aiming to automate tasks and improve security operations.
• Rapid7 plans to expand its global talent pool, particularly in Pune, India, to optimize costs.
• Despite market challenges, Rapid7 remains committed to becoming a leading managed security AI partner.

Financial Results

• Rapid7’s Detection and Response business now constitutes over half of its operations, generating $400 million in revenue.
• The company maintains a gross margin exceeding 70%.
• Several large seven-figure deals were closed in the second quarter.
• Guidance was adjusted due to larger average selling prices (ASPs) and longer deal cycles.

Operational Updates

• Rapid7 is developing a comprehensive, AI-driven security operations center (SOC) solution.
• Investments in AI aim to automate routine tasks and enhance incident response.
• Expansion in Pune, India, is part of the strategy to optimize cost structures and access skilled talent.
• The company aspires to be the leading AI partner for managed security services.

Future Outlook

• Rapid7 aims to extend its AI-driven services to areas such as risk management and compliance.
• Scaling its global talent pool is a priority to support growth.
• The company is focused on helping customers scale their security operations with improved quality and efficacy.

Q&A Highlights

• Rapid7 is experiencing longer sales cycles with larger, more strategic deals.
• The company aims to deliver high-quality security outcomes at a reasonable cost.
• By 2028, Rapid7 seeks to be the leading managed security AI partner for customers.

Readers are encouraged to refer to the full transcript for a more detailed understanding of Rapid7’s strategic initiatives and financial outlook.

Full transcript - Canaccord Genuity’s 45th Annual Growth Conference:

Kingsley Crane, Software Analyst, Canaccord: Welcome, everybody. Thanks for being here. I’m Kingsley Crane. I’m one of the software analysts. Here at Canaccord with me, we have the Rapid7 team.

We have Corey Thomas, CEO and Sunil Shah, SVP of Finance. Thanks for being here.

Corey Thomas, CEO, Rapid7: Thank you. Good to be here.

Kingsley Crane, Software Analyst, Canaccord: Let’s let’s kick it off. Let’s start with the recent quarter. You reported solid results last week. What were the key takeaways for you in terms of customer activity, product traction, macro signals?

Corey Thomas, CEO, Rapid7: Yeah. So we thought coming out of the second quarter, we saw more stability in the macro. We had a healthy quarter. We saw a concentration of some of the larger deals that have been more hesitant in the first quarter, not just closed, but we saw steady momentum both there and in the pipeline overall. We saw really strong health in our detection response business.

We saw budding signs of the exposure command upsell even though they were larger consolidation deals. And so we felt good with what we saw. The primary thing that we actually noticed coming out of it is that we were seeing customers take more time, do more scrutiny, and focus more on how are they going to actually do more with less spend and budget overall. And that was for the deals that actually, for our consolidation play and how we help customers get leverage in their sales operations between our AI and MDR solution. That’s incredibly positive thing, but it’s also now we’re in a situation where we used to be a traditionally mid market player.

Now we’re actually looking at being customers top line expense for mid to larger enterprises, and so we’re adjusting to actually having longer deal cycles with much higher ASPs.

Kingsley Crane, Software Analyst, Canaccord: That’s really helpful. So I I wanna take it back to just a basic overview of the product portfolio. From a revenue perspective, it it’s a bit of a tail that you have. So you have a detection response business. It’s growing in the mid teens.

And then you have more broadly an exposure management business that has been seeding some share a bit more stagnant. Can you speak to that dichotomy and how you’re thinking about the overall portfolio?

Corey Thomas, CEO, Rapid7: Yeah. And so when you take a look out, you zoom back a couple years ago, we had a simple thesis is that customers were gonna have more complex environments. We used to be in the vulnerability management space, is really anchored in the on prem world. Our view was that the lead in the market overall was going to be detection response about how people manage their security operations and how they scale their security operations. And that detection response or MDR would be the primary lead motion around how people thought about that.

We invested heavily to actually be great at that. Today, it’s over half of our business. It’s over $400,000,000 business. It is a managed and AI assisted detection response business. And so we achieved our goal of actually building that business and scaling it.

And now we’re actually going back and actually then attaching and bringing along the rest of the security operation stack. You’ll see us do more compliance over time. We’ll continue to go back and expand on the risk management with cloud security. But when we think about the portfolio, security operations is really about how do you monitor what’s happening in your environment, how do you manage your threat and risk profile, how do you manage your compliance posture, and then how do you actually remediate attacks against the environment. The core and the anchor is detection response.

We want it to be great in that because it was the most strategic, most important. That’s the area of growth. We knew that if we actually did that well, then we could actually go back and build the technology, the AI, and the managed experience to actually bring the rest of the stack over on. We’ve gotten half of it done. We have to actually go finish the other part getting as much traction as we have in DNR with the rest of the cloud security, the compliance, and the risk stack.

Kingsley Crane, Software Analyst, Canaccord: That leads nicely into into the next question. So when I think about the vision that you have for an integrated SOC, you include all the expertise you’ve built over the years, and then you start layering in Agintiq workflows. It it really is compelling. So what what do you think your right to win is in in an AgenTic sock arena? And then how do you think that could drive revenue acceleration and and bring the whole portfolio together?

Corey Thomas, CEO, Rapid7: Yeah. It’s a good question. Especially in a world where, like, there’s so much noise when you think about the AgenTic sock. So you have to zoom out and say, like, what are the things that make any AI great? And at the end of the day, it’s do you have better data, better expertise?

Like, that’s true of any AI domain. We have better data and better expertise. So why do we actually have better data? Most of the stocks that you actually see in the world, most of the existing players in the world train their data on the activity data that comes from reading logs, looking at alerts across the environment. And that’s great.

That’s sort of like a a part of the data that’s actually needed. And most of them are just using a narrow set of product data, meaning that they don’t have scale. So they have a small set of data that they actually use to train off of. That’s always going to be suboptimal. What makes us unique is two factors.

One, we actually have the complete customer context. So we not just have the activity data that every sim, every MDR customer has. The reason we invested so heavily in the integration platform is we have all the data about where the assets, what are the controls, what are the configurations, what are the cloud resources in the environment, and then what’s the data on top of that. And then when you look at the expertise around that, we’ve actually been doing that for several thousand customers for multiple years in patterns. So if you look at what’s different about the environment, is the first thing is that, like, you can say, well, all data’s the same, but that’s kinda silly.

If you think about it, like, if I have a drastically different environment, then the data and the attacks against my environment are going to be different. It’s the same reason that you don’t have the same insurance market in New England that you actually have in Florida, that you actually have in California. It’s different. You’re protected from different things. So you have to know what the environment is, then you have to say, alright.

How does that environmental context relate to the daily? Am I actually seeing a hurricane or am I seeing an earthquake? You can’t treat those as the same type of thing. Then you have to have the expertise to know how to respond. You know, if you’re fighting forest fires, you need firefighters.

You need a different set of things if you’re actually dealing with hurricanes. So the expertise, the experience, and the data are different. We’ve been building that over years. By the way, that’s why we went deep in that area, and we did not try to be the best in cloud security because you can’t be all things to all people. We’re taking the advantage that we’ve actually gained in managed detection response and AI and the data around that, and now we’re actually expanding that out over time, but that’s the core difference.

Kingsley Crane, Software Analyst, Canaccord: Yeah. It makes a ton of sense. So in terms of AI in the security landscape, I would say that it’s probably been better used by bad actors in the early days than than the companies integrating into their own tools. I mean, how do you see that enabling more proactive security? And then how does that affect Rapid7?

Corey Thomas, CEO, Rapid7: Well, I mean so it’s absolutely true, but you can think about AI in some ways. It’s tailor made for bad actors. I mean, like, the number one thing we looked out for in attacks, you have phishing attacks, is misspelling and something that looks really phishing weird when you have some letter that says it’s from some foreign prince or your grandmother or something else. And so, of course, AI is great for actually that. It’s also been great for organizing.

It’s been great for research. It’s been great for reconnaissance. So, yes, it’s many ways if you think about some of the most natural forms of attacks, whether it’s organized attacks, whether it’s a reconnaissance before attacks, it’s been a boon to bad actors. The challenge that security teams have and adopted is a little bit different in orientation because it’s not just about reconnaissance organized. It’s about managing an incredibly complex environment.

And that requires tools, that requires vendors, that requires the ecosystem to produce products to actually harness the power of the environment. You’re seeing that right now. If you look, we’re getting better f and I look, I consider us in the early stages of the AI journey, but we manage thousands of customer security operations around the world. And right now, we’ve actually seen massive productivity gains in the ability to expand the coverage of customers’ environment and do that while lowering their overall cost. That’s a massive boon.

If you look at what we’ve just released with incident command, it is the technology that our socks been using for a while. And, again, it’s the first phase of that release, but it allows people to actually automatically organize, automatically annotate, and automatically build investigations that pre filter and pre organize attacks. That is a big boon to productivity, and I think we’re in the very early stages of that.

Kingsley Crane, Software Analyst, Canaccord: This this is something I don’t hear talked about a lot, but an increasingly automated security landscape with an incident response. How do you think about users becoming too reliant on automation? Is that a relevant concern for you?

Corey Thomas, CEO, Rapid7: Well, the question is, if you’re too reliant on automation, you’re only too reliant on automation if you actually have more errors and less efficacy at the end of the day. And so how do you actually assess whether you’re actually going to have more errors and less efficacy? Without a doubt, we know about hallucinations. There’s definitely error rates. I I I I don’t wanna dispute that.

The question is is are you actually able to actually scale it and get collectively more efficacy out of the solutions overall? And I think the answer is unambiguously yes. Now I think it’s incredibly naive, and I’ll just say this, to actually say that I’m just going to actually hand my entire security operations right now over to an automated AI driven SOC. We’re not at that point in time where you can actually do it. You still need the feedback loop where you’re actually honing, tuning, optimizing.

The way that we think about unraveling the AI puzzle is apply AI in the areas where humans are the most volatile and the most error prone. And so it is incredibly great at actually preprocessing, preorganizing, collecting the additional information, doing the same thing every time. Like, if you know that when you see a certain thing and you go get this information and you organize it this way, you compare it against that way, humans just don’t like mundane routine things that you do time and time again. AI and automation is just better, especially if you think about adding some of the intelligence that you actually get from large language models that actually give you the ability to actually do, I would just say, a better class of thinking against certain types of tasks. Not all tasks, but against certain type of So is AI better for certain things?

Absolutely, hands down. Is it something that you actually go all or nothing? No. We’re not at that stage yet. I think we’re a long way from that stage where you don’t have humans in the loop.

Kingsley Crane, Software Analyst, Canaccord: So this this ties into sort of a managed service question. But so in a market where managed services are increasingly critical to resource light organizations, how do you balance the high touch nature of those offerings with strong gross margins in the mid to high seventies? And then maybe where does AI come into that picture to potentially boost margins?

Corey Thomas, CEO, Rapid7: Look, this has been sort of like the area that probably I have the most excitement in. In some ways, we’ve had to curtail some of our growth because we only did things that you could actually do at a reasonable gross margin. And so, for the last several years in the managed services space, there’s been many private companies that have actually been unsustainable, unprofitable, and on the hopes that they can actually grow at the scale, which just isn’t true. You actually have to actually build scale and efficacy. We have not just one of the larger MDR businesses, we also have one of the best gross margin profiles overall in the market there.

And we’ve just actually unlocked the capability leveraging AI to actually take in more customized workloads and do it at higher gross margins. Our belief is you can actually approach product gross margins over time leveraging AI. Now, it won’t completely be there, but our belief is you can actually approach that over time. When you think about where customers are, you got increase in security compliance requirements all over the world. You have a highly fragmented regulatory ecosystem.

You have complex technology environments, and you have competition for resources within companies. It lends itself to an environment where customers are going to be more inclined to leverage managed services if they can get the right quality and the right cost. I believe that AI and managed services and the right expertise give customers that right mix of cost and quality, and we’ve clearly been leading into that with our MDR business overall, and we’re seeing the fruits of that. Now part of what happens is our approach has been to steadily unlock addressable market as we actually can actually do it at the right gross margin profile. And I think that strategy has been proven right when you look at there’s a bunch of stuck businesses.

There’s a couple high quality businesses in the MDR space, and then there’s a bunch of stuck businesses in the ER space. So you’re gonna see the high quality businesses that have reasonable gross margins, healthy a growth profile thrive, and you’re gonna see a lot of other business that didn’t do that work struggle. Yeah. And I’ll just

Sunil Shah, SVP of Finance, Rapid7: add because I think you’ve seen us demonstrate that over the last number of years. Right? We’ve talked about the sustainable sort of growth and and the pace that we’ve seen in growth within our detection response business now over $400,000,000. You’ve seen that scale. And and we’ve been on that journey to see the gross margins of that business scale along the way to whereas that scale and taken up more share of our business.

You’ve seen us maintain that, you know, 70% plus overall gross margin as a business, very healthy kind of software gross margins at a high level.

Kingsley Crane, Software Analyst, Canaccord: Yeah. It’s been impressive. So in the spirit of Boston, this is where we have our conference every year. You have a significant presence in Boston. You’re building a tech business.

Just curious your thoughts on the tech and cyber scene here and finding talent both in Boston and globally.

Corey Thomas, CEO, Rapid7: Yeah. Look. A couple years ago, it was incredibly difficult. Like, ’21 when you had hypercompetitiveness in the market. Today, you can actually find great talent around the world.

Boston, of course, produces amazing talent. Whether it’s the research institutions or even some of the schools, and I won’t name all of them because I’ll get in trouble, and I’m local here. But, like, there’s some great schools that will create great marketing people, sales people, finance people. So you actually have a great ecosystem. We’re also a global company, and we actually operate all around the world.

Talent attractiveness is probably not been as good as it is right now since pre pandemic levels. Like, we’re able to find talent. We’re able to attract talent. It’s a very, very different model. And so now it’s really just trying to find the right talent in the right location that wants to work the right way.

I always joke, you know, someone asked me, you know, for one of our socks, like, did you open up a sock in Europe or India? I said, listen, I can find lots of talent, but you know when attackers favorite time to attack is? It’s Friday night. And there’s not many people in The US who have the skills that we’re looking for, who actually wanna be up at 1AM Friday night monitoring environments for attacks. So we have to be globally oriented.

Kingsley Crane, Software Analyst, Canaccord: Yeah. I mean, it’s a huge asset. So and you spoke to some of your deals getting more strategic, getting larger. You entered this year with some of the strongest pipeline that you felt that you’ve had in a long time. Just how would you characterize that and how we’ve progressed through this year and how you’re looking at the back half?

Corey Thomas, CEO, Rapid7: Yeah. So when we entered this year, we had two sort of like two aspects of the pipeline. Our DNR deals have always been larger deal cycles. So that’s not sort of like different, and that’s been as we expected. We had a large amount of exposure command upgrades.

Way to think about that is people moving from VM to the full management of their attack surface in their environment, and the understanding of the risk, the threats, the compliance across the environment. Our hope, and I’ll emphasize that, was actually see a bunch of smaller upgrades, 10 to 20% upgrades that was actually built into the plan. The reality of what we’re actually seeing is we’re actually seeing people upgrades, but they’re upgrading and consolidating at the same time. So instead of a 20% upgrade, we’re seeing sort of, like, 200% uplifts on those, but also the corresponding deal cycles that actually goes along with that. And so that’s what we’ve refactored in is we refactored in a year to have larger ASPs and longer deal cycles.

And, look, that’s new for us. This is the first time that we’ve actually managed a a deal cycle that’s had this size ASPs and twelve month plus deal cycles in the overall pipeline.

Kingsley Crane, Software Analyst, Canaccord: Right. So you had you closed a number of large 7 figure deals in q two. Just to play devil’s advocate, why why lower the guide again? It’s purpose. You know, why not kitchen sink the guide if the only new elements or some of the seasonality that you may have known a quarter?

Corey Thomas, CEO, Rapid7: Yep. And so two different parameters on the on the question. So, one, why lower the guide is that part of it, our job is to make sure we communicate what you see. It is different in terms of the smaller volume at bat deals that are more predictable and the larger sort of in the in the larger deals that we actually have in mind. And we’re not precise in actually predicting that.

I’ll just say that, like, this is the largest mix of concentrated deals, and so we want to actually be in a range that we felt very comfortable we we can actually hit and without expecting to have the same conversion rate on half a million dollars, a million, a million and a half deals that we actually had at $50.60, $70 a year. Once we have some traction, we’ll be much better at actually leaning in with confidence, but we wanted to actually lean in with the way that we have to say we’re confident in the range and the targets that we actually have and not expecting the same types of cycles and conversions overall. I mean, same type of conversions that we were seeing on much larger ASP cycle. So that’s one about why why we tighten the guidance range. Yes.

Titan will stay within the range when we came down to the lower half of the range. And the question about kitchen sink unit, which we actually could have done because that’s not the feedback that we’re getting from the market. We’re actually getting we are having if we were not seeing traction success in DNR or even the exposure command, then that would be rational. It’s interesting that what we’re seeing is larger deal cycles. We’re definitely seeing, you know, all the stuff that we’ve been talking about for a while.

So it’s not like it’s an it’s an easy macro environment, but it’s not incrementally negative on the outlook. And we thought that was the wrong thing too. Yep. Nuance sometimes gets lost. Trust me.

There’s no one more frustrated with the stock performance than I am. If for no other reason, it massively undervalues the highly successful MDR business, which is probably worth in the whole stock Or more. Combined just in and of itself. But our goal is to actually tell you what we’re actually seeing and to be accurate and open about that as we actually go along.

Kingsley Crane, Software Analyst, Canaccord: I wanna I wanna touch on that. I just given the interest of time, wanna check if we have any questions from the audience. We can get them a mic. If not, we can circle back. So speaking to this in terms of the stock price, I mean, I think we’re clearly seeing evaluation dislocation in the market right now.

Stocks trading artificially depressed. You have more than half the business growing mid teens. How do you think about operating in public markets versus private markets? And just can you talk more about the conviction that you have in having that growth flow through to the other half of business?

Corey Thomas, CEO, Rapid7: Yeah. And so so the first thing, look, public versus private, we don’t get religious on it. I will say there’s a dislocation and the public valuation just is not sensible if you actually piece apart the parts of what’s happening there. And so and we have to execute on that. We have to deliver on that, but that’s clearly sort of a dislocation right now.

And by the way, public markets have that at certain points of time. And certainly, if you look at the growth trends at the macro level, it’s understandable what the concern is, and that’s why we try to provide the color about what’s happening up under that. The second thing is how do we actually think about the growth prospects overall. Look, our thesis is very consistent, and I do think we actually have some credibility here, is that more and more customers around the world now realize that they actually have to do security, but they’re actually looking for partners to actually take lots of the security operation load. And so they wanna operate at the program level.

They do not wanna be managing, installing, operating, and having legions of people manage their security. When they got AI pressures, got SaaS they have real competitive pressures based on the environment. So our model is to be the number one security partner for security operations. We started with detection response, which is the lead. We will take that same model and apply it to risk management, to compliance, and to third party risk and other areas of security operations, but it’s all going to follow the trend and the theme of how do we actually sort of give customers a better way to actually leverage in both managed services and AI to have a great high quality security outcome.

We’re starting that focus on MDR. I know that causes mix in the model overall, but we’ll apply that same model across the stack. And there’s zero reasons to believe I can’t say zero. There’s no reasons to believe that that’s not gonna be just as attractive for customers. If customers are willing to trust, not just us, but many parties to actually do their core detection response, which is the most strategic, they’re going to be happy if they have a high value solution that does their compliance, that actually tracks their risk performance and profiles over time.

But we’re building into that, and we’re building into that, like, one workload at a time. We started with the DNR workload because that’s the most strategic. We’re finishing up that, and then that’ll be sort of like an ongoing area. And then we’ll move to the next workload, and I think we’ll see growth from there. That is look.

I acknowledge that that’s a tough thing to actually navigate and see in public markets, But at the same time is that we’re seeing the customer adoption and the momentum. And I’m confident that, like, markets rationalize with time and data.

Kingsley Crane, Software Analyst, Canaccord: Yeah. I mean, I think you could make a really strong argument that today the stock is already undervalued on a sum of the parts basis.

Corey Thomas, CEO, Rapid7: That’s not including

Kingsley Crane, Software Analyst, Canaccord: any of these other initiatives that

Corey Thomas, CEO, Rapid7: I mean, if you got rid everything else and you just looked at the DNR business in and of itself, is itself significantly undervalued. Yeah.

Kingsley Crane, Software Analyst, Canaccord: So you mentioned your global business. You’re building out an office presence in Pune, India. Yeah. You know, gross important margins are important. Where do you see that presence going over the next, you know, couple years and maybe what percentage are in the employee headcount could that that reach?

Corey Thomas, CEO, Rapid7: Yeah. Look. I mean, right now, what what what it says is that we’re well under pure benchmark. So this is a catch up area in terms of cost structure talent. You know, right now, India is not just a low cost.

There’s some great talent. They have some of the world’s also leading research universities. It’s a big country with lots of talent. It’s a growing market. So we both like the talent, and we’re also under the allocations you will see.

You know, your average tech company has between 20 to 30% of their workforce in in in different talent locations. And so it’s something we definitely see as a potential opportunity. Is it 20? Is it 30? It’s probably too premature to tell you, but what I’ll say is that, like, it’s a great talent market.

The cost structure is better overall, and we think it’s the way we actually get scale while producing results in the overall business.

Kingsley Crane, Software Analyst, Canaccord: Just to sort of tie a bow on all this, if we think out to 2028 or a couple years out, where do you want the company to be? Like, what what’s the vision, and how do you think that we’re gonna get

Corey Thomas, CEO, Rapid7: Oh, yeah. I mean, look. When you think about the old model of outsourcing, it is massively manual, and it is overloaded with both cost inefficiencies and typically, like, crappy experience. Our goal is to be the leading managed security AI partner for customers. So when you think about AI outsourcing of your security operations is we help customers scale their security operations and we do it at better quality, better efficacy.

We do it in detection response. We do it in risk management. We do it in red team and penetration testing. We do it in compliance, and we help customers actually get high quality results at a reasonable cost. That is an attractive value proposition for a lot of customers, and we believe that we’re well positioned to do that with the experience that we’ve already got with DNR.

Kingsley Crane, Software Analyst, Canaccord: Look. I’d I’d love to spend more time. We do have to keep the conference running really efficiently. So thanks again, Corey. Thanks again, Sunil.

Really appreciate you taking the time.

Corey Thomas, CEO, Rapid7: Thank you very much.

This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.