Rapid7 Unveils Incident Command, a Next-Gen SIEM for Enhanced Threat Detection and Response

Tuesday, Jul 29, 2025 5:53 pm ET

Rapid7 launched Incident Command, a new next-gen SIEM, to transform how security teams detect, investigate, and respond to threats. Incident Command unifies preventative attack and exposure management with threat detection and response, powered by Agentic AI workflows. This extends the capabilities of Rapid7's Command Platform.

Rapid7, Inc. (NASDAQ: RPD), a leading player in threat detection and exposure management, has announced the launch of Incident Command, a next-generation Security Information and Event Management (SIEM) system. Incident Command extends the capabilities of Rapid7's Command Platform by integrating preventative attack and exposure management with threat detection and response, powered by Agentic AI workflows [1].

The new SIEM system aims to transform how security teams operate by unifying traditionally siloed functions such as SIEM, SOAR (Security Orchestration, Automation, and Response), ASM (Attack Surface Management), and threat intelligence into a single, intuitive interface [2]. This integration is designed to streamline workflows, reduce complexity, and improve the efficiency of security operations.

Key features of Incident Command include Agentic AI, which is trained on years of detection, investigation, and response data from Rapid7's 24/7 MDR (Managed Detection and Response) operations. This AI is designed to assist analysts transparently and accurately, with a 99.93% benign disposition accuracy rate. The system also offers a unified analyst experience, enabling analysts to investigate threats with deep context and reducing the need for context switching [1].

Furthermore, Incident Command includes a closed-loop feedback model that combines AI-powered threat detection with deep exposure visibility. It automates triage with high accuracy and saves over 200 SOC (Security Operations Center) hours per week. The system is built on a data mesh that allows for the unification of Rapid7 and third-party telemetry data, providing end-to-end visibility across hybrid environments [1].

The launch of Incident Command comes at a time when security teams are facing significant challenges, including high alert volumes and growing attack surface complexity. By offering a solution that reduces alert fatigue, automates triage, and provides actionable insights, Rapid7 aims to address these challenges and improve the overall effectiveness of security operations [2].

Rapid7 will showcase Incident Command at Black Hat USA, August 6-7 in Las Vegas, and will be available for demonstrations at the event [1].

References:

[1] https://www.globenewswire.com/news-release/2025/07/29/3123254/36514/en/Rapid7-Launches-Incident-Command-AI-Native-SIEM-Empowers-Analysts-to-Act-with-Speed-and-Precision-from-Risk-to-Response.html

[2] https://www.rapid7.com/blog/post/introducing-rapid7-incident-command-the-future-of-ai-powered-security-operations-is-here
