Rapid7

Creators of Metasploit offering enterprise penetration testing integrated with their comprehensive vulnerability management and security operations platform.

Headquarters

Boston, Massachusetts, United States

Founded

2000

Team Size

500+

Geography

Global

Markets

Global, North America, Europe

Last verified: Feb 2026

Review Rapid7 Write a Review

About

Rapid7 is a major publicly traded cybersecurity company headquartered in Boston, Massachusetts, offering a comprehensive suite of security solutions including penetration testing services. Founded in 2000, Rapid7 is best known as the creators and maintainers of Metasploit, the world's most widely used penetration testing framework, which gives them unparalleled expertise in vulnerability exploitation and offensive security tooling.

Their penetration testing services leverage this deep product knowledge alongside experienced consultants who conduct thorough assessments of networks, web applications, cloud environments, and mobile applications. Rapid7's approach integrates their proprietary InsightVM vulnerability management platform and InsightConnect SOAR capabilities with manual penetration testing, providing clients with a holistic view of their security posture.

The company serves organizations of all sizes, from mid-market businesses to large enterprises and government agencies. Rapid7's penetration testing team follows industry-standard methodologies including OWASP, PTES, and NIST guidelines, and their reports are known for being actionable and business-context-aware. With over 11,000 customers worldwide, Rapid7 brings the stability and resources of a large security vendor combined with the technical depth born from maintaining Metasploit and Project Sonar.

Services

Web Application Penetration Testing Network Penetration Testing Mobile App Penetration Testing Cloud Penetration Testing API Penetration Testing Social Engineering Red Teaming Vulnerability Assessment Configuration Review Wireless Penetration Testing

Accreditations

SOC 2ISO 27001

Compliance Expertise

SOC 2 PCI DSS HIPAA NIST CSF ISO 27001 GDPR CCPA

Best For

EnterpriseMid-MarketGovernment

Industries

Technology Financial Services Healthcare Government Retail & E-commerce Manufacturing

Methodologies

OWASPPTESNIST

Team Activity

Active in CTF competitions

Gartner Magic Quadrant Leader - Vulnerability Management

Speaker: Black Hat

Speaker: DEF CON

Speaker: RSA Conference

Open source: Metasploit

Open source: Rex

Open source: Recog

Compare With

Reviews

Be the first to share your experience with Rapid7.

Be the first to review Rapid7

Is this your company? Claim this profile

Related Providers

Best for Mid-MarketBest for Financial Services

NetSPI

Leading penetration testing firm with the Resolve platform for continuous attack surface management, trusted by nine of the top ten US banks.

Minneapolis, Minnesota, United StatesContact for pricing

Web ApplicationNetworkCloudAPI+7

SOC 2ISO 27001CREST

Verified Feb 2026

Profile Compare

Trustwave

Global managed security provider with the elite SpiderLabs penetration testing team and deep PCI DSS compliance expertise.

Chicago, Illinois, United StatesContact for pricing

Web ApplicationNetworkMobile AppCloud+6

PCI QSAISO 27001SOC 2CREST

Verified Feb 2026

Profile Compare

Best UK ProviderBest for EnterpriseResearch Leaders

NCC Group

Global cybersecurity consultancy with CREST, CHECK, and CBEST accreditation, renowned for deep technical research and comprehensive penetration testing services.

Manchester, United KingdomContact for pricing

Web ApplicationNetworkMobile AppIoT+12

CRESTCHECKCBESTISO 27001+5

Verified Feb 2026

Profile Compare

Pen Test Partners

The UK's largest independent security testing firm, renowned for IoT/OT research, CBEST red teaming, and CHECK/CREST-accredited penetration testing across all sectors.

Buckingham, United KingdomContact for pricing

Web ApplicationNetworkMobile AppIoT+10

CRESTCHECKCBESTSTAR+4

Verified Feb 2026

Profile Compare