Rapid7 at Morgan Stanley Conference: AI and MDR Drive Strategy

On Wednesday, 05 March 2025, Rapid7 (NASDAQ: RPD) presented at the Morgan Stanley Technology, Media & Telecom Conference, outlining its strategic evolution towards a comprehensive security operations platform. While the company emphasized growth and innovation in AI and Managed Detection and Response (MDR), it acknowledged a temporary setback in margins due to increased investment. The overall tone remained optimistic, highlighting product-led growth and market opportunities.

Key Takeaways

• Rapid7 is transitioning from vulnerability management to an integrated security operations platform.
• Managed Detection and Response (MDR) service constitutes 75% of the Detection and Response ARR, exceeding $400 million.
• The company is heavily investing in AI to automate security operations and improve service efficiency.
• Rapid7 plans to expand its market footprint and upgrade its product portfolio by 2025.
• The company anticipates a temporary margin setback due to AI investments but expects growth acceleration.

Financial Results

• Detection and Response ARR: Over $400 million
• MDR’s contribution to D&R ARR: 75%
• Growth rate of D&R business: In the teens percentage
• Overall outlook: Margin expansion and growth rate acceleration expected
• Exposure Management: Currently flat, with potential upside from product updates

Operational Updates

• Focus on integrated risk management and expanding MDR service
• Leveraging AI and automation to enhance security operations
• Aiming to automate junior analyst tasks within a year
• Improvements in sales processes and customer alignment
• Establishing an India development center for cost structure flexibility
• New offerings include Red Teaming as a Service

Future Outlook

• Less than 10% of organizations expected to run a 24x7 SOC in the next decade, increasing demand for MDR
• Plans to upgrade the installed base with the Exposure Command offering
• Continued investment in AI and automation for MDR enhancement
• Exploring new monetization strategies, including customized monitoring services

Q&A Highlights

• Differentiation between exposure management and detection response businesses
• Competitive landscape and Rapid7’s integrated approach
• Monetization strategies: Customized monitoring and red teaming services
• Margins: Temporary setback due to AI investments, with expansion expected

For a more detailed understanding, readers are encouraged to refer to the full transcript below.

Full transcript - Morgan Stanley Technology, Media & Telecom Conference:

Corey Thomas, CEO, Rapid7: We can close the door.

Hamzah Tomza, Morgan Stanley: Okay. Thank you so much. All right. Well, good morning, everybody. Welcome to day three of the Morgan Stanley TMT Conference.

My name is Tomza from Morgan Stanley. I’m delighted to have Corey Thomas, CEO of Rapid7. Before I begin, just a brief programming note. For important disclosures, please see the Morgan Stanley Research Disclosure website at www.morganstanley.com/resourcesdisclosure. With that, Corey, first of all, thank you so much for being here.

It’s always an honor and a privilege to host you and looking forward to the conversation.

Corey Thomas, CEO, Rapid7: So thank you so much for having me. Great.

Hamzah Tomza, Morgan Stanley: So look, Corey, maybe just on a high level, Rapid7 has been through some transitions. It started off as a traditional vulnerability management company five, ten years ago now, but it’s a much different company today. So I’d love for you to just high level just walk us through what that platform transition has been.

Corey Thomas, CEO, Rapid7: Yes. So as you said, Hamzah, we start off as a traditional you can think about the traditional vulnerability management as an on prem vulnerability management. And one of our core markets was the mid market. So we were a leader in traditional vulnerability management in the mid market. The interesting thing about that experience is that when you initially start serving sort of like mid sized enterprises, you also get a pretty good view into what a resource constrained organizations need, what are they going to do, how they actually think about security.

So we had an early view onto some of the constraints that were paid for enterprises, that we believe we’re going to be replicated by both just mid, but like larger organizations all over the world. As security became a bigger pressure point, there was going to be a harder time that people were going to have managing their security operations. And so the things that we actually learned from that and part of the path that we actually went down were how do you actually help security operations professionals understand their environment, identify risk, manage compliance and monitor their environment at quality and scale. What we heard from our customers at that time is that they were struggling to actually get quality, efficacy and scale at a reasonable price point in their operations. And so myself, along with our team, we made some pretty aggressive investments to say, okay, how do we actually solve this?

And it was an early form of consolidation, even though we all talk about today. And in that time period, we started building out our detection and response pillars because if you look at the two core pillars of security operations, it’s how do I assess risk in my environment, how do I understand my environment, how do I access risk in my environment, how I monitor my environment. And so we actually built out our detection and response practice to actually monitor the environment. Our vulnerability management was the core risk part of the environment. And then as cloud security came along, we started investing in understanding the risk of the cloud and also monitoring the cloud environment.

If you zoom out to where we are today, if you look at our recent investments last year, we made a massive investment in understanding integrated risk across the environment. So that’s not just so like the risk that Rapid7 identifies. It’s actually consolidating risk across every security and technology provider in the environment to understand what’s the attack surface, what are your compliance gaps, what are your controls gaps and what are your misconfiguration gaps in the environment. And then we’re leveraging that across the entire environment, endpoint cloud on prem and then how do we actually help customers monitor the environment. So if you look today is we have an end to end platform that assesses the entire attack surface, understands risk and compliance across the attack surface and monitors the attack surface.

We augment that with our managed detection and response offering that actually leverages both AI and automation to drive scale. But there if you looked out, one of the big assumptions that we made in 2021 that we have even more conviction on today after seeing what we’re seeing is we said, in the next ten years, there’ll be less than 10% of the organization in the world that can run a true 24x7 SOC. And so we said, listen, how do we actually do that at scale and at quality and at a price point that customers can afford. And we started off by adopting massive amounts of automation. We also built our own productized MDR service.

So we productized it end to end ourselves. We focus on integrating with the leading technology in the world. And as AI came along, we focus on adopting AI. But if you look at our stack, we’re augmenting customers’ ability to actually manage security operations. We’re doing that in an environment that’s changing our business model.

The on prem mid market sort of like is not a growth engine. But if you look and you actually zoom out is customers actually are looking for not to completely outsource, but they’re looking for a partner that can actually help them scale the management of their security operations. And we think we’ve built both the platform and the technology and the centers of excellence to actually help customers scale that.

Hamzah Tomza, Morgan Stanley: Got it. That’s really helpful. And right now, Rapid7, like you mentioned, is really addressing the core pillars security or this risk exposure management, now detection response. But the detection response really has been it feels like the crown jewel asset, if you will. It’s over half the business or roughly half the business.

I think last quarter you said it was $400,000,000 plus in ARR, 75% of that was the managed detection response. I wanted to hone in a little bit on that. I think it makes the MDR space has seen a lot of growth in recent years. I’m curious, when you think about scaling that, because there is a services component, what are some of the opportunities and challenges you see there? And then how does AI sort of fit into that dynamic?

Corey Thomas, CEO, Rapid7: Yes. So like one is that our requirements are, the economics have to scale good for the customer, but they also have to scale well for us, like you can’t have any of them. So there’s a couple of things that we’re obsessed about. We’re obsessed about doing it efficiently, but also effectively for customers. There’s a couple of precursors.

One, more than I’m trying to think about any other provider that actually offers MDR service. We have a more integrated end to end stack. Other people have to actually sort of like subsume and spend money or the customer has to spend money on Azure Sentinel or Splunk or other stuff in their environment. Arctic Wolf does have their own stack around it. But we really focused on building an integrated world class stack that is also validated by customers’ own usage.

So like, Art2Woof has a great stack, but like we sell our tech stack to customers. So the majority of the use and so when you think about what it takes to actually sort of like scale it and get the efficacy is one, you actually do have to have an incredibly strong tech stack that you actually own the core pieces in the data stores, the data analysis engine, the core SIM technology, but you have to have the core pieces of the engine sort of like in house if you’re actually going to scale efficiently and economically. The second piece of that equation that enables you to sell is you’ve got to be massive users of automation and AI. It just doesn’t work if you actually can’t sort of like leverage automation and AI effectively across the environment. And then you actually have to take your product expertise and like the mentality that we have, if you look at our MDR SOC leaders right now is it is a mentality that says everything that they actually do, our technology needs to actually be doing like if you take what our junior analysts does, anything that they do, our technology needs to actually be doing within a year.

And so they have a tight feedback loop and a tight cycle. So we’re scaling with technology. We’re delivering the gross margins that are I would just say that like we’ve also not we’ve grown well, but we’ve left money on the table because our take has been like we are actually going to grow as long as we can actually grow efficiently. We’ve unlocked massive volumes of the potential for growth right now and part of why we’re accelerating our investments in AI is that the ability of our teams to actually have our technology do more of the work and our team focuses on the longer horizon is sort of improving year after year as we actually move along. But that quarter scale is you got to own your technology set, you got to leverage automation and AI and then you have to have a massive engine to actually process third party telemetry across the environment.

So we’re processing Palo Alto crowds, right, Sentinel ones, but like you got to be able to process other people’s data and telemetry, reconcile that with your own data that you’re collecting natively across the environment with the cloud data and do that efficiently. And so the efficiency and efficacy of the engine has been a massive investment for us.

Hamzah Tomza, Morgan Stanley: That’s really helpful. And in some ways, if I may, it’s almost a bit like service as a software. We’ve seen other companies do a similar approach, great companies who have done very well in the last couple of years. And so really it’s predicated on the customer being on the Rapid7 platform, having that data, having

Corey Thomas, CEO, Rapid7: that raw. We require customers to be on the and that doesn’t mean we don’t want like we have a great relationship with Microsoft where we connect and like work with sort of like their stack. But like yes, the core processing is on the Rapid7 platform because that’s what gives us and the customer economic scale. Yes. Got it.

Got it. And I would just say look, most of the players in this space are services companies that have different degrees of great integration stories. There’s an advantage to being a product company that’s building an MDR product. And there are and that is that sort of like that services as software, sort of like a mentality, which is almost sort of like reorientation.

Hamzah Tomza, Morgan Stanley: Yes. But important point being that it’s very much product led. Product led, excellent. Maybe going back to AI, one of the questions I’ve got just on the MDR space in general is to what extent is AI going to allow you to scale more efficiently versus AI being used to perhaps automate maybe commoditize some of the services that are being offered? What are your thoughts on that?

How does Rapid7 kind of defend itself?

Corey Thomas, CEO, Rapid7: So it should do both, just to be clear. So the way to think about like AI, there’s a bunch of stuff, I think services companies are going to do this and we’re net beneficiaries, so we know firsthand of it. It’s just a bunch of stuff that AI not just is doing that humans don’t want to do, it’s also doing things that humans do poorly, meaning that they do it very inconsistently. And so that stuff’s easy, that stuff comes off the table. In fairness, anyone can actually go do that.

So you can say that that’s a pressure point. We see it as a core vantage point, because we want our SOC analysts and our teams doing the most valuable work. And in fact, they’re happy to go do the most valuable work. Humans are not good at being consistent every moment of every day. And so we want them doing the most valuable work.

The second thing that I think that while it drives a core advantage for us is that security is a dynamic environment. And so if you look at like where AI is exceptional, AI is exceptional and actually taking massive quantities and volumes of data and doing two things is making sure that you can actually process some like common patterns or common pages repeatedly or identifying edge cases and edge ranges. A lot of security though is the frontier of security research because there’s new things that happen. Something that was vulnerable yesterday and something that was unvulnerable yesterday is actually vulnerable today. That’s a new thing.

There’s no history there. And so security has lots of things with actually no history. You did not have the state of the environment today that you actually had yesterday. So we think we’re net advantage of AI for sort of like three distinct reasons that are actually pretty that are actually, I think, incredibly important. The first one is just like you’re going to have advantage for organizations that actually have better quality of data and larger sets of data.

We have both the customers data that we actually manage, but we actually because we have 10,000 customers that just use our raw technology across the environment, we have access to sort of like all of that data to actually train our milestones. Like in comparison to almost any other MDR player in the market, not any, but like people that do the sort of like the software as a service thing is we’re top to me in terms of the data advantage that we actually have. The second piece that we actually sort of like have is, our belief is the best AI in the world for security is not unidimensional. So what most people do, if you look at most of those startups, they’re taking a unidimensional view of AI and they’re training it on the activity data in the environment. They’re training it on the logs or they’re training on the activity data you actually get out of APIs.

That’s the unit, it’s activity data. Here’s what’s happening in the environment and they’re training it on what’s happening in the environment. We, I think uniquely to security have a multidimensional model. We’re training it on, yes, the activity data, but unique amongst almost all the players in the detection response space, we actually know the state of the environment. This is why we’ve made a massive investment in the attack surface management, and the enhancement in asset management space because it’s not enough to know the vulnerabilities.

We actually know what’s every piece of technology you have in the environment, how is it configured, what are the controls you actually have in the environment, where are the controls gaps. So what other people say this has happened in the environment, we can say this is happening in the environment and here’s the state of the controls and the configurations and whether you’re susceptible or not susceptible to the environment. It’s materially different if there’s a measles outbreak somewhere is that like we know who’s been vaccinated. And so our competitors just know that like there’s measles in this space. We actually know who’s been vaccinated, who’s not been vaccinated.

This is why we had a big investment in understanding the state of the environment because the activity relates to the state of the environment is an attack that’s successful in one organization has nothing to do with what’s successful in another organization. So that’s the second sort of like vector. The third vector that’s actually material is we actually have the process data because we actually have security analysts and operators that are doing like this is part of our crowd, right? So they actually have like security operators that actually given the feedback about like here’s what we see, here’s the research, here’s what should be programmed in. So it’s the process data from the operators, the state data about what’s the state of this environment and how that relates to that activity is a unique platform to actually leverage AI going forward.

And that’s part of like we made the investments we made last year, but that’s also why we actually doubled down on some of the investments this year to accelerate that.

Hamzah Tomza, Morgan Stanley: Makes a ton of sense. And I think one of the things that you can also do with that data, I imagine is because you know who’s been vaccinated to use your analogy, you’re reducing the number of alerts that that customer may have or with some of your services.

Corey Thomas, CEO, Rapid7: This is susceptible, this is not susceptible. Because I mean all of that stuff, if you know it, you actually sort of like can actually decide what matters. And that actually gets rid of a lot of the inefficiency that makes the solutions a lot more effective and that creates economic advantage for us and our customers because that allows us to manage their environment much more effectively.

Hamzah Tomza, Morgan Stanley: Are there any examples maybe you could share where high level or numbers, but where you came into a customer, they adopted the platform and they did see that significant alert or cost reduction?

Corey Thomas, CEO, Rapid7: Oh, yes. Look, if you look right now is that we are able look, most people that are actually doing their own SOC today for a I would just say it’s actually a very common thing that we actually come in. Our value proposition when we went to a customer is that we will actually give them three advantages out of the gates. We’ll monitor more of the environment. They will actually see nest noise and the things that they’ll see will be more relevant.

And they’ll actually have 24x7 coverage sort of like out of the box. And they’ll have reconciliation across all their data and all of their alert streams. And so we had a customer that I just saw this alert this morning is we had it because I’m an executive sponsor customer. We had a customer that deployed two weeks ago. The customer advisor sent the feedback from the customer is they decided unbeknownst to us to actually do a red teaming test in their environment just to sort of like tech and tune us is the customer said, this is the they said you caught it within two minutes.

This is the fastest time I’ve seen it and that was the only alert to actually sort of like progressed in the environment. And like we’ve been doing these tests for select the last two years. And if they were caught, it actually was caught like within days, not minutes. And we were still getting lots of noise in the process. But that’s just one example of sort of like our value proposition that we offer.

Hamzah Tomza, Morgan Stanley: Yes. I should mention, this is not something that you started doing just one or two years. This is an evolution of a pie.

Corey Thomas, CEO, Rapid7: We started investing in this in 2015 and it was slow going, but we started building out the thesis because again, we saw in the early mid market and soft basis, they had zero chances of being able to run a 20 fourseven time. Now what we learned over time is we have some of the largest Fortune 500 manufacturers as actually customers, that’s one of the biggest strengths is we’ve been expanding that to actually deliver like more customized services for larger customers. If you talk to a large manufacturer, they cannot afford the stat. Their environments are massive and their security teams, even at 10 to 20 people, are just not big enough to actually manage the scope of the environment. So this how do you actually scale your security operations is a really big deal for lots of organizations.

Hamzah Tomza, Morgan Stanley: Yes. Maybe without disclosing any numbers, but when a customer does get on the detection and response platform or the full platform, do you tend to see higher levels of stickiness or expansion rates as we go to

Corey Thomas, CEO, Rapid7: the What we’ve heard from people that have done the marketing comparisons is that our retention rates for that service are amongst the highest in the industry overall when compared to some like peers and benchmarks. They’re definitely higher than what our traditional vulnerability management was. Given that, like the headwind that we have in vulnerability not a headwind, the thing that we have in vulnerability management is that it’s a sticky business, but be it market vulnerability management is not a growing business. And that’s a big part of our installed base. And so we had to have growth in other areas, which may be different if you said federal or large enterprise in orientation there.

So not only is it actually stickier, it also has better sort of like customer growth dynamics and in our dynamics.

Hamzah Tomza, Morgan Stanley: One more question from my end and I’d love to open up to the audience for Q and A. You’re certainly not start of opportunity. There’s a big market out there in detection response in all the areas that you’re covering. There had been some organizational changes in the last year from a go to market standpoint. It did seem like last quarter on the Q4 earnings call, you sound a lot more upbeat that those changes were largely behind you.

So maybe what are you excited about heading into 2025? And what were some of those changes that never made?

Corey Thomas, CEO, Rapid7: Yes. So the excitement is that this is the first time in a while that we actually have had the full product portfolio being updated. We have the opportunity to actually upgrade our installed base. We’ll see what’s the pace and the velocity of sort of like the upgrade in that installed base. So that’s extraordinarily exciting for us and our sales cycles, even in the environment that we’re actually in today.

The changes that we actually made from an overall sales perspective were we’ve actually been focused much more on our partnership and distribution ecosystem, which is a major focus. We’ve also been focusing on aligning and rationalizing our teams to actually be more customer pod focused, where instead of having like three or four different organizations where keep in mind that one of the things with the MDR services, you have customer advisors. So you could have a customer advisor, a customer success manager, an AE, a Salesforce, a TAM and they’ve disconnected. We’ve actually focused on actually having teams that support customers. So it’s not a massive change to the model, but we actually want a team based where our customers have a specific team with a specific point person that’s in charge.

That gives the customer both better accountability and frankly allows us to scale that engine much better overall. So those were some of the bigger changes that we actually made in the last year.

Hamzah Tomza, Morgan Stanley: Any questions from the audience? We have one here.

Unidentified speaker: It sounds like you have different components of the business with different growth profile. So can you elaborate on what the mix is and what the relative growth rates are of those various businesses? And is there some inflection point that you hit when the MDR business gets to a certain scale or a certain percentage of the business? Yes.

Corey Thomas, CEO, Rapid7: I mean, part of why we talked about it because I do think we’re approaching that inflection point. So our DNR business overall, which MDR is a part of it. The reason I say it’s a part of it because strategically, the unit volume is actually on the technology side, which actually gives us lots of data telemetry. But that’s roughly it’s a little bit under half the business, not quite half the business, but it’s a little bit under half the business. We talked about it being $400 ish million business that’s growing in the teens.

And we actually think that there is both durability of growth there with the investments that we’re making, but also ranges to actually have improvements in there because we’re not addressing all of the market today. Like we have lots of enterprise customers that want us to they’re like, we love your service, we’ve heard great things about it or we’ve worked with you in other companies, but you need to actually manage these custom workloads, like, hey, can you manage Epic? Epic is a pain. If you’ve seen one Epic installation, you’ve seen one Epic installation. So like how do we deliver that more customized service there?

So we think we have growth aperture there overall. The other side of the equation is the it’s not just Mortability Management, but it’s the largest piece of the business. And you can actually think about that business as sort of like being closer to like a flattish business. But this is the first time that we’ve actually had an upgrade cycle with our exposure command offering in many, many years. And so we actually think we actually have upside.

Now we don’t know the pace and velocity of upgrades. Like I always think about when you have upgrade cycles, do you get to sort of like 30% of the business in three years or 70% of the business in three years? And part of why we’re making our investments is the customers love the integrated view, they want us to accelerate compliance and they want us to continue to accelerate cloud. And so we actually see lots of opportunity to drive upgrades in that cycle there. And so those are the two sort of like if you say like listen, even if you don’t have net improvements in that risk VM side of the business, we think that the growth rates in the D and R give us some comfort about sort of like the sustainability, durability.

And we think we’re almost through the cycle where you have like the DNR cycles are they’re bigger ASPs, longer deal cycles, which just calls its own separate shift in the business. But we do see the ability to actually have upside on that risk and enclosure management business as we upgrade the installed base.

Unidentified speaker: Thank you. I have a question about the competitive landscape. And as you go upmarket versus midmarket, do you start to see some of the platforms start to offer the same type of service integrate your type of services into their platforms?

Corey Thomas, CEO, Rapid7: So it depends on what the I would just say the exposure management cost security market is going to be a congested sort of like competitive And so like we’re really measuring ourselves about like what percentage of the installed base that we actually upgrade over time. Keep in mind, like we make a lot of money like getting to like a third or half of our installed base at a 10% to 20% uplift. So it’s not like so the economics of that and turning that into a positive momentum story are not a mystery. That’s why we’re very focused about like how we deliver better quality service to the customers overall there. Feeding that out to more customers is great, but that’s almost upside to just the upgrade cycle that we’re actually in now.

But that is a competitive market. Make no mistake, we have some strong select competitors there. But we do we know we’ll be able to upgrade a good portion of our installed base and we see early momentum, early signs there. So the economics of growth, there’s lots of opportunities to actually monetize that. Under Detection and Response, we actually love the business there.

I mean, that is a massively fragmented business. Yes, you see a wide range of stuff. You see a bunch of private companies that are services companies with great technology integration. You have CrowdStrike, which has a great product where they actually manage their stack. But our value proposition of actually managing an entire SOC, processing all of their data and doing that at better cost economics and better scale than everyone else is I believe we’re going to be top three there.

We are now. I think we’re going to be top three there for a long time. I think the investments that we’re making are continuing to extend the differentiation there. That’s a massively fragmented market with 600 plus providers with different approaches. And I think our approach is strong and it resonates and that’s actually different.

Yes, there will be some people that will like do outsourced extension and that will be the right thing for them. There will be some people that will actually have a different orientation focused on price. But I think there’s plenty of growth opportunity in that market because the key thing is that again, customers will have to have 24x7 monitoring and it is a small fraction of customers that can run their own 24x7 SOC around the world. The market trends are actually moving in that direction.

Unidentified speaker: And you mentioned about new ways of monetizing some of the things you’re doing and sort of ingesting a lot of third party data and going after threats. Can you elaborate on any of those? Or are those still going to come?

Corey Thomas, CEO, Rapid7: So I would just say there the one thing that we’ve actually learned after sort of like not being thoughtful enough about what we actually need to hear is fast is we’ll talk about the results that we expect after we sort of like demonstrate the progress. But I’ll tell you the things that we’re actually focused on. We’re working with some of our larger manufacturing customers about how do we actually sort of like monitor we have good core monitoring of the environment. They want lots more customized monitoring. That’s been the purview of what I would just say is relatively higher priced, more expensive services oriented companies.

We are actually commoditizing that sort of like services oriented business by actually applying software and AI to actually monitor a lot more of the environment at scale. We’re doing that right now. We launched the initial version of that last year. That’s an example of it. Last year, on top of our platform, we offered launch our first version of our Red Teaming as a Service, where we’ll do we’re leveraging again world class penetration testers and Red Teamers.

That’s a business that is typically all historically has either been crowdsourced or has actually required deep expertise. We’re having our teams provide the intelligence and the engines and the oversight of it, but they’re managing AI models that go across that actually do sort of consistent red teaming. We’re starting with the external attack surface. That, I actually think is going to see good uptick as we actually move along. But those are just two examples of where we’re actually sort of like extending the service.

Thank

Unidentified speaker: you. It looks like you’ve expanded margins quite rapidly the last couple of years, but the guidance implies a big step back in margins next year. What’s going on there? And is this a onetime step back? And do you have a kind of longer view of the progression of margins?

Corey Thomas, CEO, Rapid7: Yes. So it’s a onetime step back. We do look, our base case has us both accelerating. We haven’t talked about the degree of acceleration and expanding margins. I want to be clear about that.

And the driver of it is really sort of like two things. It’s one, and this is why we provide the incremental visibility. We are investing to extend in known ways our detection and response service to actually leverage AI to actually leverage our technology and our automation to actually manage more customized environments, which allows us to expand our market footprint. We consider that a high return scenario and that’s why we show the scale of the business. It’s not like we’re investing with something that’s a promise on the come, so to speak.

Like this is sort of like a known good growth investment that we’re partnering with our customers to extend the service in ways that actually both make us stickier, but also leverage technology that allows us to actually expand the growth rates and the growth horizons there. So that’s the first area of investments. The second one is we are accelerating on the exposure command, both our integration, our compliance and some of our cloud stuff because as we work with our installed base, we’ve seen good uptick. But lots of customers are saying like, hey, once you get to that, I’ll upgrade and we want to make it as easy as possible to actually drive the upgrade velocity. Now part of why it’s one time is that we looked at our cost structure and compared to most of our peers, we just have too much of our cost structure in mid cost and high cost.

We have zero historically in low cost. And so we are setting up our India sort of like development center and operations. And so part of that is actually sort of setting up that. That gives us some like flexibility. I would just say to be market aligned.

This is not one where we’re going to actually be all one place versus the other. It’s that we should be at market norms and that provides flexibility in the cost structure. Our expectation as we actually go forward is that we’re expanding both margins and we should be accelerating growth and that’s the base case. The degree and the velocity of that, we’re still working through and that’s why we talked about our Analyst Day later this year.

Hamzah Tomza, Morgan Stanley: Well, underwrite there, Corey, thank you so much for traveling here and coming to our conference. So an honor to host you and best of luck with reaccelerating the business this year.

Corey Thomas, CEO, Rapid7: Thank you very much. I appreciate it. Thank you.

Hamzah Tomza, Morgan Stanley: Thank you.

This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.