Rapid7 Outage History

Rapid7 experienced intermittent issues with their agent management UI and delays in SIEM data processing for 10.8 hours. The problem was identified as a vendor dependency issue, affecting the User Interface component. The incident was resolved after working with the vendor provider to restore full service functionality.

Rapid7's SIEM (InsightIDR) and Managed Detection and Response services experienced delays in Investigation creation for approximately 2.5 hours on May 5, 2026, between 11:25 and 13:50 UTC. The issue primarily affected Custom and Contextual alerts, while Rapid7 Managed alerts remained unimpacted. The service was resolved by deploying a fix and replaying all affected alerts across all regions to ensure missing Investigations were generated.

Rapid7 experienced a slowdown in processing alerts and creating investigations in the ap-southeast-2 and eu-central-1 regions for approximately 75.6 hours. The incident caused delays in security alert processing and investigation workflows for users in these regions. The issue was resolved by scaling the impacted services to process the backlog, with all systems returning to normal operation.

Rapid7's InsightAppSec service experienced degradation where security scans were failing to initiate or complete successfully, affecting the user interface. The incident lasted 1.8 hours before a fix was implemented and the service was restored to normal operation.

Rapid7's Attack Surface Management (Surface Command) experienced a failure of the Command Platform import feed, preventing customers from importing data into their environments. The engineering team identified the root cause, applied a fix, and restarted the affected import feeds. The incident was resolved after 2.3 hours with import feed functionality fully restored.

Rapid7's Automation Reporting Homepage experienced a dashboard issue where specific metrics including "Time Saved" and "Time to Human Decision" failed to load on the primary landing page for approximately 50 hours. While the visual indicators were unavailable in the main dashboard UI, users could still access reporting metrics through other areas of the product, and all historical data remained secure with no data loss. The issue was resolved with a fix implementation and automatic backfilling of any missing data during the incident period.

Rapid7's Command Platform experienced degraded performance affecting user login and navigation between platform experiences for 51 minutes. Customers encountered latency when logging in and navigating through the user interface. The engineering team implemented a fix and monitored recovery before fully resolving the incident.

Rapid7 customers in US East and US West regions experienced an abnormally high volume of security investigations between 6:00 PM and 12:30 AM UTC on April 9th, 2026. The issue was resolved after 16.3 hours, with the SOC processing remaining investigation backlogs for managed customers. Systems returned to normal performance levels following the resolution.

Rapid7's Command Platform experienced a login outage affecting both SSO and local MFA authentication methods, with users encountering unexpected errors after entering MFA codes. The User Interface components were impacted for 2 hours, preventing access across all regions. The issue was resolved after recovery efforts restored login functionality, followed by continued monitoring to ensure stability.

A configuration error at Rapid7 briefly re-enabled legacy detections starting at 11:00 AM UTC, causing an unexpected spike in new investigations being created over a 2-hour window. This affected SIEM and Services customers, who experienced noisy investigations cluttering their dashboards and user interface. Rapid7 disabled the problematic detections, performed bulk cleanup of the false investigations, and contacted all affected customers with remediation plans.