IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Secure multi cloud shield radar containers central console dark
#
Hybrid Cloud
#
Hyperscale
#
Cloud Security

Rapid7, ARMO unite to bolster cloud runtime security

Thu, 15th Jan 2026
Author image
By Mark Tarre, News Chief

Rapid7 has struck a partnership with cloud security company ARMO that adds cloud and application runtime security to the Rapid7 Command Platform.

Rapid7 said the move extends its exposure management approach. The company said it adds runtime visibility to its existing attack surface coverage.

Cloud runtime security focuses on activity in live cloud assets and workloads. Rapid7 said modern cloud attacks often exploit small gaps across interconnected services and environments.

Runtime detection

Rapid7 said the joint offering includes continuous anomaly detection and real-time threat detection and response across active cloud assets and workloads. The company said the platform gives security, development, and IT teams a single view that prioritises threats.

The companies positioned the partnership around Cloud Application Detection & Response, often shortened to CADR. ARMO is known as the creator and main maintainer of Kubescape, an open-source cloud-native security project focused on Kubernetes environments.

"By extending our exposure management leadership with runtime from ARMO, we're giving organisations clearer visibility, faster response, and better security outcomes," said Corey Thomas, CEO, Rapid7.

"This is another important step in our commitment to delivering unified, open security with exposure context that enables security teams to move from reactive defence to preemptive response," said Thomas.

What it adds

Rapid7 described several areas of functionality in the new runtime security layer inside the Command Platform. It said security teams can detect active threats in real time, from application-level activity through to cloud-level threats. It also referenced API attacks, data exfiltration, and container breakout attempts.

The company said it correlates runtime events with misconfigurations, vulnerabilities, and identity risks. It said this provides a single view of risk and active attacks. It also said teams can respond by isolating compromised workloads or terminating malicious processes.

Rapid7 also said the runtime security workflows integrate with AWS, Azure, and other multicloud environments.

ARMO framed the partnership as an extension of its approach to runtime security in cloud-native environments, with an emphasis on open source and behavioural detection.

"Our team built ARMO to bring the most advanced runtime-powered, open-source first, behavioural Cloud Runtime Security to every Kubernetes and cloud-native environment," said Shauli Rozen, Co-Founder and CEO, ARMO.

"Rapid7 shares that philosophy," said Rozen.

"By combining their breadth - across exposure management, detection and response, and cloud security - with our runtime security technology, we are delivering the most advanced cloud defence solution that is both modern and practical," said Rozen.

"Together, we're helping organisations detect real attacks as they happen and protect the infrastructure their businesses rely on," said Rozen.

Market view

Rapid7 said the partnership reflects the challenges security teams face in cloud environments that change quickly. The company said attackers take advantage of gaps that sit across different layers of infrastructure and software.

IDC linked the partnership to the need for visibility across multiple cloud environments. The research firm also pointed to the difficulty of connecting risk assessments with live threat activity.

"As enterprises face increasingly fragmented and complex cloud threats, the need for full visibility across all cloud environments continues to be paramount. Rapid7's partnership with ARMO helps to meet that market need by connecting the dots between proactive exposure management and real-time threat detection & response," said Philip Bues, Senior Research Manager, IDC Security and Trust.

"This addition to Rapid7's capabilities enables security teams to better correlate exposures with active threats and prioritise remediation based on operational risk, supporting both security objectives and business continuity," said Bues.

Rapid7 said the runtime security capability forms part of Exposure Command Ultimate, its higher-tier exposure management offering within the Command Platform.

Related stories
Dell names Richard McLaughlin APJC regional president
Asus targets 30% APAC notebook share with AI, partners
AMD expands Ryzen AI chips, mini-PC & gaming CPU push
Tesa marks 45 years in Singapore with new lab push
Exclusive: How email still reigns supreme for small business marketing

Top stories

Entuity V23.0 boosts remote monitoring with agents
ADLINK unveils Xeon edge GPU servers for AI vision
SentinelOne debuts lifecycle platform for AI security
Tech salaries level off as burnout & AI skills surge
Exclusive: Celonis' Kerry Brown warns CIOs to 'remove chaos'