IT Brief India - Technology news for CIOs & IT decision-makers

Rapid7 launches Incident Command, an AI-powered SIEM platform

Yesterday

Rapid7 has introduced Incident Command, a new next-generation SIEM developed to reshape how security teams detect, investigate, and respond to cyber threats.

Incident Command is powered by Agentic AI, a security operations centre (SOC)-tested system designed to unify threat detection, exposure management, automation, and curated threat intelligence within a single interface. The platform is built atop Rapid7's Command Platform, providing a data-driven foundation for security operations.

Platform integration

Rapid7 states that Incident Command unifies prevention and response functions, integrating attack and exposure management with threat detection via workflows based on playbooks developed by Rapid7's internal SOC experts. These workflows are regularly refined using data from ongoing, real-world scenarios.

Through the Command Platform's data mesh, the solution brings together attack surface visibility via Surface Command and curated threat insights from the Intelligence Hub. This allows for a seamless experience in which analysts have contextual information and do not need to switch between separate tools.

According to Rapid7, the integration of these elements aims to allow every analyst, regardless of experience, to act with greater speed, enhanced context, and improved accuracy when responding to security incidents.

Company statement

"The launch of Incident Command is a leap toward our mission to simplify access to security outcomes," said Corey Thomas, CEO of Rapid7.
"Security teams are under scrutiny to deliver measurable impact across their risk and response programs. We built the Command Platform to unify all customer data, not just what we collect, so that organisations get the facts from the beginning and reduce their time to action. Incident Command, our upgraded Next-Gen SIEM, gives customers the benefit of the Command Platform plus broadened access to our decades of SOC expertise with agentic AI integrated within the workflows they use every day."

Rapid7 highlights that with Incident Command, security professionals operate in a closed-loop feedback environment, combining AI-based threat detection, triage automation reported to have 99.93% accuracy, and the potential to save more than 200 SOC hours per week.

Key features

Agentic AI distinguishes itself from other AI products on the market by being trained on detailed detection, investigation, and response data from Rapid7's own 24/7 managed detection and response operations. This training, according to the company, supports transparent workflows for triage and investigation, achieving 99.93% benign disposition accuracy. Rather than offering only classification, the AI is designed to guide, recommend, and adapt continually with each interaction.

Incident Command's interface integrates functions traditionally spread across SIEM, SOAR, attack surface management, and threat intelligence tools, reducing the need for context switching and enabling analysts to access asset, threat, and exposure data in a unified view.

The open integration framework allows customers to consolidate Rapid7 and third-party telemetry without the requirement for complex integration projects, supporting broad visibility across hybrid technical environments. Additionally, the inclusion of vetted threat intelligence within the platform is intended to provide actionable, relevant information for detection and response workflows.

Industry view

"With Incident Command, Rapid7 is marrying exposure management capabilities with threat detection, and this is a differentiator in a crowded SIEM market," said Michelle Abraham, Senior Research Director, IDC. "By bringing detection automation, internal and external attack surface visibility, threat intelligence, and AI automation into one platform, Rapid7 is offering security analysts a solution that reduces complexity, connects data, and streamlines investigations, which improves analyst workflows."

Rapid7 reports that Incident Command is available now and designed to help organisations strengthen their security operations and improve incident response efficiency in a continually evolving threat landscape.
