When Alex Pratt, regional vice president of commercial sales, looks at competitors in the cybersecurity industry, he sees mimicry as a signal that the team at Rapid7 is on the right track.
“When the rest of the market is trying to align with your vision because they see your customers excelling — that is the ultimate metric of success,” Pratt said.
There’s one key ingredient to that success, Pratt said: research.
“Everything that Rapid7 does is backed by a 25-year obsession with research,” Pratt said.
In fact, Pratt shared that the company invests a substantial portion of revenue each year into research and development.
“We have always believed that to be a great security partner, you have to be a research company first — and that long-term bet on an integrated platform is paying off for our customers,” Pratt said.
Built In spoke with Pratt about the milestone that best captures Rapid7’s strength this year, and the expansion bets that employees are most excited about.
Rapid7 is a cybersecurity company with the mission to create a secure digital world for customers, the industry and its communities.
Which milestone best captures strength this year — and why is it credible?
The most significant milestone for Rapid7 this year is achieving market leadership status and third-party recognition, for both our platform and overarching company strategy. We had a fantastic 2025 in terms of analyst validation, and it was incredibly rewarding to witness, but what really gets me excited is seeing our competitors pivot their own strategies to mirror ours. When the rest of the market is trying to align with your vision because they see your customers excelling — that is the ultimate metric of success.
Everything that Rapid7 does is backed by a 25-year obsession with research. We held over 300 granted patents at the end of 2025, with a massive chunk of those specifically representing the AI/ML technologies we’ve built directly into our SOC. We reinvest roughly a quarter of our revenue back into research and development each year because we have always believed that to be a great security partner, you have to be a research company first — and that long-term bet on an integrated platform is paying off for our customers.
Where are you strongest competitively — and what proof backs that?
Rapid7’s competitive edge, right now, is our ability to deliver pre-emptive security. This industry has long been crowded with endpoint-centric providers, playing a game of cat-and-mouse by blocking a threat and scrambling to figure out the impact afterwards. This model is simply not sustainable or comprehensive enough to address today’s threat landscape. We’re excelling because we help our customers understand their complete attack surface before a breach even starts, and close the door before the adversary reaches it.
What is Rapid7’s competitive advantage?
“Rapid7’s competitive edge, right now, is our ability to deliver pre-emptive security… We’re excelling because we help our customers understand their complete attack surface before a breach even starts, and close the door before the adversary reaches it.”
— Alex Pratt, Regional VP of Commercial Sales
The proof is in the shift we are seeing in the market. Organizations are moving away from “black box” providers, or companies that keep their methodology under wraps, because they’ve realized that a reactive posture is not enough when 25 percent of incidents begin with vulnerability exploitation. They’re choosing our Command Platform because it integrates asset, cloud, and exposure data into an AI-driven engine that actually shines a light on where attackers are going to strike — building a level of resilience that legacy tools simply cannot match.
What expansion bet excites you — and which leading indicator will you watch?
The expansion that has me most excited is Vector Command. I’m keeping a close eye on how many of our customers are taking their programs to the next level by moving beyond standard, point-in-time penetration testing and shifting toward a continuous red-teaming service. And while traditional, occasional pentesting remains a vital cornerstone for security, Vector Command adds that critical next layer — a persistent offensive partner that validates defenses against the latest threat research every single day.
Success here is not about giving a customer a longer list of problems, it’s about helping them move from asking “what could be wrong?” to truly knowing “what would actually work,” and then leading them down the roadmap to remediation. Watching our customers augment their static audits with an always-on offensive posture is the clearest sign that we are helping them achieve true, measurable resilience.
