All posts by Corey Thomas

A Message from Rapid7 CEO, Corey Thomas

Post Syndicated from Corey Thomas original https://blog.rapid7.com/2023/08/08/a-message-from-rapid7-ceo-corey-thomas/

A Message from Rapid7 CEO, Corey Thomas

Earlier today, the following email was shared with Rapid7 employees.

Team,

As we accelerate our delivery of the leading security operations solution and service platform experience to customers, we have determined it is necessary to restructure our operations, including the difficult decision to reduce our team in the near term. We will announce our restructuring publicly this afternoon along with our Q2 earnings results.

While it may be surprising to take this measure when we are meeting performance expectations, making decisions from a place of strength allows us the opportunity to restructure intentionally.

All employees will receive an email shortly with additional detail based on their path forward and local requirements.

I would always prefer to speak to each of you individually. Unfortunately, there is no ideal way to have this conversation with all of our global Moose simultaneously, and I regret that some of you will be reading this after the news is public. I will remain online with you as morning reaches each timezone to host town hall meetings with local teams and leaders.

There are more details on how we are supporting impacted Moose below. First, I will provide additional context on our business that led up to this decision.

Where We Are Today

The security industry is characterized by constantly adapting and learning, which is what thrills and engages many of us—there are always new technologies, attacks, threats, and research. This is true of our company, our customers, and attackers. You do not survive in security without being adaptable and innovative.

Ten years ago security was an afterthought for business leaders, and the role of the security community was to sound the alarm and make in-roads to business conversations. As security has gained attention and budget share, organizations have accumulated stacks of single-purpose security technologies. However, even great security tools are often operated in silos and are not meeting the promise of results customers need.

In today’s complex hybrid environments with highly-capable and innovative attackers, customers demand efficacy and efficiency, and integration across solutions is becoming imperative.

Rapid7 has served customers for more than two decades by meeting shifting demands for the best of vulnerability management, threat detection, and attacker insights. Measured by customer achievement, we have been fortunate to sustain +20% growth for many years.

This is all impact that we have created together, and I am grateful for every bit of effort that got us here today. However, when it comes to consolidation, we—and the industry—have been too slow to adjust:

  1. In an effort to minimize disruption, we have been making incremental changes to meet these emergent needs. However, customers don’t need us to simply move faster on point solutions, they need us to move decisively and strategically toward an integrated experience.
  2. Our rapid growth in the cybersecurity upswing enabled us to add market leading capabilities quickly, however, as we have grown our employee base to meet demand, spun up teams quickly, and expanded to new regions, it has also created unnecessary friction and inefficiencies which hinder our customer experience.

This restructuring and near-term reduction will set up our teams and customers for long term success. It will increase our capacity to invest where customers need it, and give us the flexibility to scale intentionally, foster innovation, and improve processes.

We believe we are the only company in the world that can truly transform security operations by integrating risk, threat, and incident management into a seamless platform that eliminates unnecessary compromises.

At this inflection point, we will be strategically refocusing and realigning our business toward expanding our MDR leadership across all of security operations, accelerating our investments to build the most adoptable cloud capabilities, and continuing our focus on aligning our operations to deliver the best engagement and support for our customers.

It is difficult and heartbreaking to say goodbye to Moose who have been integral to our teams over the years. We would not go forward if we were not confident that this is the best and only way we will be able to deliver the experience that our customers demand, vault over our competition, and remain the best place to work for the most Moose possible.

Restructure and Refocus

Prior to making restructuring decisions, we engaged an external advisor to indicate the most impactful opportunities in our business. They determined that we could reduce the size of our business and improve efficiency, while remaining a growth-oriented company with capacity to make strategic customer investments.

However, our Moose are not simply data. A small group of senior leaders have been working tirelessly to identify the roles and teams not aligned to our tightened strategic priorities. Every organization and location at Rapid7 will be impacted, though some teams, like engineering and sales, will experience more substantial shifts.

Departing Moose

We have taken great care to reflect our vast appreciation of the work each of you have contributed to Rapid7 by offering the most high-touch, supportive transition possible.

All employees will receive an email from [email protected] in the next half hour with additional detail based on your path forward, circumstances, and local requirements. Your notification will also outline your next steps—Moose will have every opportunity to meet with their leaders and people strategy.

To support departing Moose, they will be eligible to receive severance packages, including continued healthcare coverage for the length of the severance period, as well as outplacement services for career support. Outside the U.S., there is a broad range of employment laws, and we’ll take great care to guide our Moose and their managers through these processes, such as required consultation periods. For employees whose immigration status is connected with their employment, People Strategy is working with each impacted individual in concert with our mobility team.

Most importantly, we continue to live our motto of “Once a Moose, Always a Moose.” We hope that, as the dust settles, you are able to look back on your impact here and will continue to nurture the networks and relationships you’ve built with fellow Moose. If you need a recommendation or endorsement, I hope everyone will join me in supporting these valuable team members.

Continuing Moose

For continuing Moose, you will see an immediate focus on our strategic direction to ensure you are not absorbing additional work, renewed processes to drive innovation, and tight collaboration to ensure we don’t repeat past patterns. Right now I would like you to take the time to acknowledge our departing Moose who have contributed to our success, and support customers to avoid any disruption.

You’ll receive a note for a meeting this week with your leadership team. Next week, we will begin follow-up town halls to dig into go-forward plans.

Please keep an eye on the announcements channel for additional materials.

Rapid7 Acquires IntSights to Tackle the Expanding Threat Landscape

Post Syndicated from Corey Thomas original https://blog.rapid7.com/2021/07/19/rapid7-acquires-intsights/

Rapid7 Acquires IntSights to Tackle the Expanding Threat Landscape

I am pleased to share the exciting news that, today, Rapid7 acquired IntSights, a leading provider of cloud-native, external threat intelligence and proactive threat remediation. The IntSights team is fantastic, and their threat intelligence capabilities are equally impressive. I’ll share more about why IntSights is a great fit for Rapid7 and our customers, but let me first share some context for this acquisition.

We’ve seen firsthand that with digital transformation the attack surface has increased exponentially and customers are recognizing that improved visibility to their internal risk profile is just one part of the security equation. With today’s threat landscape, it’s imperative for security teams to have early, contextualized threat detection across their internal and external environment. Yet most security teams are already under-resourced and overburdened, struggling to identify and address what needs immediate action. So, under these circumstances, how can we help security teams stay one step ahead of the attackers? Enter IntSights.

IntSights offers a leading, cloud-native, external threat intelligence and remediation solution that helps customers solve this emerging challenge. Sophisticated threat intelligence capabilities are typically only realistic for the most mature, well-resourced organizations. But IntSights is disrupting that and democratizing threat intelligence so that every organization can protect itself, regardless of size or capabilities.

There’s no shortage of threat intelligence information available today, but much of it lacks context, creating too much alert noise and additional work for already-overburdened security teams. IntSights’ flagship Threat Command offering turns complex signals into contextualized attack-surface intelligence, making threat intelligence easier for organizations of any size to remediate their most critical external threats.

For example, IntSights monitors the clear, deep, and dark webs to identify threats specifically targeting an organization’s digital footprint, including things like data and credential leakage, malicious activity tied to their brand, and fraud. But IntSights goes beyond monitoring and takes action by proactively remediating with automated takedowns of threats.

Coupling IntSights’ tailored, external threat-intelligence capabilities with Rapid7’s community-infused threat intelligence and deep understanding of customer environments will enable customers with a unified view into threats, attack-surface monitoring, greater signal-to-noise ratio, relevant insights, and proactive threat mitigation.

What’s next

IntSights has built a tremendous business and we look forward to making Threat Command available as a standalone offering to an even broader set of customers through this acquisition. At the same time, we will begin integrating IntSights’ threat-intelligence capabilities into the Rapid7 Insight Platform to unlock earlier threat identification and faster remediation across our entire portfolio. Learn more about how we intend to accelerate security operations and emergent threat response with our platform.

In addition, we will leverage IntSights’ capabilities to enhance our cloud-native, extended detection and response (XDR) capabilities by enabling high-quality, high-fidelity alerts to ensure efficient security operations, earlier threat detection, and accelerated response times. Learn more about how the acquisition of IntSights enhances our best-in-class XDR offering.

Welcome, IntSights!

From its beginning, IntSights set out on a mission to democratize threat intelligence, something that is very culturally synergistic with Rapid7, as we continue our journey to close the security achievement gap and bring high-quality and efficient security operations to organizations of all sizes and capabilities. I want to welcome IntSights’ customers, partners, and team members to Rapid7. Today we begin a new and exciting chapter together as we continue to innovate in the threat-intelligence space, always keeping the needs of our customers at the forefront. I look forward to what will undoubtedly be great things to come.