Rapid7 Inc. (NASDAQ: RPD) announced the launch of its Cyber Governance, Risk, and Compliance early access program on May 12. The program aims to integrate security operations with governance, risk, and compliance workflows through the company's Command Platform.

The Cyber GRC program uses real-time exposure data to align controls, evidence, and risk decisions with live threats rather than static frameworks. According to the company, the system combines AI-driven third-party risk management with a threat-aware risk register to provide executives with data-backed visibility.

"Organizations invest heavily in security tools, but many are still left to determine how to validate control effectiveness and demonstrate compliance," said Jon Schipp, Senior Director of Product Management at Rapid7. "Cyber GRC connects fragmented data across assets, exposures, and controls to the attack surface, giving teams a clear view of risk and enabling consistent, evidence-backed outcomes."

Rapid7 has established partnerships with audit and assurance organizations including HITRUST, Insight Assurance, and 360 Advanced to support the program's continuous assurance capabilities.

The program includes features such as HITRUST control coverage with continuously updated dashboards, audit-ready user access exports, unified policy bulk exports, and vulnerability management export capabilities.

The early access program is currently available, with broader availability planned for later in 2026. Rapid7 serves more than 11,500 customers worldwide and operates as a cybersecurity operations company focused on managed detection and response services.