Is RPD a Buy? What to Consider in 2026
Last updated June 2026
Short answer
There is no universal answer to whether RPD is a buy; it depends on your thesis, time horizon, and what you already own. Below is the case for Rapid7, the main risks to weigh, where the stock trades, and a framework to decide for yourself. This is informational, not a recommendation, and Walnut is not an investment adviser.
Rapid7 (RPD) is a cybersecurity company providing a cloud-based platform for security operations, vulnerability management, and threat detection. Its Insight platform spans several products: InsightVM for vulnerability management, InsightIDR for detection and response (SIEM and XDR), InsightCloudSec for cloud security posture, and application security testing. Increasingly, Rapid7 packages these into managed detection and response (MDR) services, where its analysts monitor customer environments around the clock, which appeals to mid-market companies that lack large in-house security teams. Rapid7 sells predominantly through subscriptions, so revenue is recurring and measured by annual recurring revenue (ARR). Its sweet spot is mid-size enterprises seeking consolidated, easier-to-operate security rather than assembling many point tools. Founded in 2000 and headquartered in Boston, Massachusetts, Rapid7 competes in a crowded, consolidating market where larger platforms are bundling vulnerability, SIEM, and cloud security together, putting a premium on its ability to show platform breadth and improving profitability.
The case for Rapid7
1. Platform consolidation.
Rapid7's Insight platform spans vulnerability management, detection and response, cloud security, and app security. Mid-market customers increasingly want fewer vendors, and a unified platform lets Rapid7 cross-sell modules and lift revenue per customer through the classic land-and-expand SaaS motion.
2. Managed detection and response.
MDR, where Rapid7 analysts monitor customer environments around the clock, is a fast-growing offering that suits mid-size companies without large security teams. Bundling software with managed services deepens stickiness, raises ARR per account, and differentiates Rapid7 from pure-tooling vendors.
3. Vulnerability management core.
InsightVM is a recognized vulnerability-management product and a durable foundation. As attack surfaces expand across cloud and remote work, continuous vulnerability and exposure management remains a structural growth category that anchors customer relationships.
4. Margin improvement.
Rapid7 has been prioritizing profitability and free cash flow after years of growth-first spending. Improving operating margins and cash generation, while sustaining recurring revenue, can re-rate the stock and reduce reliance on capital markets.
The risks to weigh
Rapid7 competes against larger, better-capitalized platforms (CrowdStrike, Palo Alto Networks, Microsoft, Tenable, Qualys) that bundle overlapping vulnerability, SIEM, and cloud-security capabilities, pressuring pricing and growth. Its growth has decelerated, and the market has at times questioned whether it can keep pace as security consolidates around a few mega-platforms. Net retention and new-logo momentum can soften in tighter IT-budget environments. The shift to balancing growth with profitability is a delicate transition that can disappoint on either axis. As a mid-cap in a momentum-driven sector, Rapid7 is sensitive to growth-rate changes, competitive bundling, and shifts in security-spending priorities.
Valuation context (as of early 2026)
- Revenue (TTM): ~$850 million
- Annual recurring revenue: Around or above $800 million
- Revenue growth: Modest (mid-single to low-double-digit)
- Operating margin: Near breakeven GAAP; positive non-GAAP
- Free cash flow: Positive and improving
- Price to sales: Low single digits
- Dividend yield: None
- Net retention: Moderate (land-and-expand)
Rapid7 trades at a more modest multiple than fast-growing security peers, reflecting decelerating growth offset by improving free cash flow and profitability. The valuation embeds skepticism about competing with mega-platforms, so the stock tends to re-rate on signs of reaccelerating ARR or stronger margins, and de-rate when growth or retention soften.
How to decide for yourself
Rather than asking whether RPD is a buy in the abstract, it tends to help to answer four questions:
- Thesis: do you believe the case above, and is it still true today?
- Time horizon: a single stock can be volatile, so a longer horizon absorbs more of the swings.
- Position sizing: a thesis can be right and the sizing still wrong; decide how much of your portfolio one name should be.
- Overlap: check whether you already hold RPD indirectly through an index or sector ETF before adding more.
For the full picture, see the RPD stock guide (what the company does, the ETFs that hold it, similar stocks, and the themes it fits). In Walnut you can ask its AI about RPD against your real portfolio and see your actual exposure before deciding.
Build a basket around RPD with Walnut
Use Rapid7 as one constituent in a thematic basket Walnut's AI helps you assemble. Describe a thesis you believe in, the AI proposes the holdings and weights, and you approve before any broker order.
FAQ
Is RPD a good stock to buy right now?
+
There is no universal answer. Whether Rapid7 fits depends on your thesis, time horizon, risk tolerance, and what you already own. This page lays out the case for, the main risks, and where the stock trades, so you can decide for yourself. Walnut is not an investment adviser and this is not a recommendation.
What does Rapid7 do?
+
Cybersecurity platform spanning vulnerability management, detection-and-response, and managed services for mid-market customers.
What are the main risks of RPD?
+
Rapid7 competes against larger, better-capitalized platforms (CrowdStrike, Palo Alto Networks, Microsoft, Tenable, Qualys) that bundle overlapping vulnerability, SIEM, and cloud-security capabilities, pressuring pricing and growth. Its growth has decelerated, and the market has at times questioned whether it can keep pace as security consolidates around a few mega-platforms. Net retention and new-logo momentum can soften in tighter IT-budget environments. The shift to balancing growth with profitability is a delicate transition that can disappoint on either axis. As a mid-cap in a momentum-driven sector, Rapid7 is sensitive to growth-rate changes, competitive bundling, and shifts in security-spending priorities.
What is RPD's ticker symbol?
+
RPD, listed on Nasdaq. Officially Rapid7, Inc. Founded 2000, headquartered in Boston, Massachusetts. Publicly traded since 2015. It trades during US market hours and is available at every major US brokerage. It is a mid-cap cybersecurity name.
What does Rapid7 do?
+
Rapid7 provides cloud-based cybersecurity through its Insight platform, covering vulnerability management (InsightVM), detection and response (InsightIDR), cloud security (InsightCloudSec), and application security. It increasingly packages these with managed detection and response services, where its analysts monitor customer environments around the clock.
Who are Rapid7's main competitors?
+
By segment. Vulnerability management: Tenable, Qualys, and Microsoft. Detection and response: CrowdStrike, Palo Alto Networks, Microsoft Sentinel, and Splunk. Cloud security: Wiz, Palo Alto Networks (Prisma Cloud), CrowdStrike, and Microsoft. Larger platforms bundling these capabilities are the main strategic threat.
Is Rapid7 profitable?
+
On a non-GAAP basis and in free cash flow, yes, and GAAP results have moved toward breakeven as the company prioritized profitability after years of growth-first spending. Improving margins and positive free cash flow now anchor the financial story, alongside more modest revenue growth than faster-expanding security peers.
Walnut is informational and is not an investment adviser. This page is educational and not a recommendation to buy or sell RPD; figures are approximate and dated, and your own situation, time horizon, and risk tolerance should drive any decision. Verify current data before investing.