Rapid7 Delivers Smarter Network Security with Curated Intelligence Rules for AWS Network Firewall

Rhea-AI Summary

Rapid7 (NASDAQ: RPD) launched Curated Intelligence Rules for AWS Network Firewall on November 20, 2025 to deliver Rapid7 Labs threat intelligence directly into native AWS environments.

The offering converts vetted Indicators of Compromise into high-quality, deployable rule groups that aim to reduce manual rule maintenance, close coverage gaps, and lower alert fatigue. Key features include region-specific curated rule sets, a proprietary Decay Scoring system that retires stale IOCs, AWS-validated updates, and transparent per-GB metering. Use cases noted include blocking ransomware C2, detecting reconnaissance, preventing exfiltration, and identifying phishing domains.

Positive

• Native integration with AWS Network Firewall for one-click deployment
• Automated Decay Scoring that retires stale IOCs
• Region-specific curated rule sets to reduce alert fatigue
• AWS-validated updates and transparent per-GB metering

Negative

• None.

BOSTON, Nov. 20, 2025 (GLOBE NEWSWIRE) -- Rapid7, Inc. (NASDAQ: RPD), a leader in threat detection and exposure management, today announced the launch of Curated Intelligence Rules for AWS Network Firewall to deliver industry-leading, curated threat intelligence directly into customers’ native AWS environments. This new offering empowers organizations to scale their cloud defenses effortlessly and reduce the significant operational overhead associated with managing network security rules.

Managing and manually updating firewall rules to keep pace with evolving threat actors is a resource-intensive task that often leaves security teams with coverage gaps. Rapid7 converts curated intelligence on relevant Indicators of Compromise (IOCs) from Rapid7 Labs into high-quality rule groups, delivering expert-vetted threat intelligence directly within an organization's AWS environment. By providing this intelligence directly into AWS Network Firewall, Rapid7 Curated Intelligence Rules removes these coverage gaps, enabling immediate, high-quality protection against real-world threats.

“Integrating our Curated Intelligence Rules directly with AWS Network Firewall transforms world-class threat intelligence into instant, actionable protection. Customers can now deploy defense backed by Rapid7 Labs’ research with just a few clicks, ensuring their security scales as dynamically as their AWS environment,” said Craig Adams, chief product officer at Rapid7. “This is game changing for security teams dealing with the complexity associated with a proliferation of manual rule creation and maintenance.”

Harnessing industry-leading threat intelligence

Rapid7’s approach to Curated Intelligence Rules is built on three core principles:

• Focus on quality over quantity: Rules emphasize meaningful, low-noise detection directly aligned with current, real-world threats, significantly reducing alert fatigue.
• Curated global intelligence: Rule sets are powered by high-quality, region-specific data from unique sources, providing unparalleled visibility and context for actionable detections.
• Dynamic and self-cleaning rule sets: Threat intelligence is not static. Using Rapid7’s proprietary Decay Scoring system, rules are automatically retired when an IOC passes a certain threshold, ensuring the delivered intelligence is always fresh, relevant, and current.
  

The operational advantage

Rapid7 Curated Intelligence Rules for AWS Network Firewall deliver immediate and tangible value, allowing security teams to achieve a significant operational advantage:

• Automate threat protection: Reduce overhead with continuously updated, curated detections delivered natively within AWS Network Firewall.
• Adopt protections faster: Deploy protections backed by industry-leading threat intelligence from Rapid7 Labs with just a few clicks in the AWS console.
• Maintain predictable operations: Benefit from AWS-validated updates, transparent per-GB metering, and clear rule-group metadata.
  

These rule sets provide practical defense against a wide range of attack scenarios, including blocking command and control (C2) communication from known ransomware families, detecting network reconnaissance activity, preventing data exfiltration, and identifying traffic to malicious domains used in phishing campaigns.

The curated intelligence that powers Rapid7 Curated Intelligence Rules is derived from ingestion sources that are unique to Rapid7, such as honeypot data and proprietary research, as well as insights from Rapid7’s open source initiatives and research communities. These include Metasploit, AttackerKB, and other global communities that make Rapid7’s reach into understanding the threatscape both broader and deeper. Expertly crafted machine learning (ML) models combined with manual verification from the Rapid7 Labs team provide additional layers of validation.

“In today’s cloud environments, the sheer velocity of new threat campaigns demands more than volume-based threat feeds. It demands curated, high-fidelity intelligence. With Rapid7 Curated Intelligence Rules for AWS Network Firewall, we’re cutting through the noise to give security teams the clarity and confidence they need to focus on what truly matters,” said Raj Samani, chief scientist at Rapid7. “Our curated, continuously refined intelligence empowers defenders to disrupt adversaries faster and maintain protection that evolves as dynamically as the threats themselves."

This new integration comes at a time when cybercriminals are accelerating the pace of vulnerability exploitation following disclosure. Rapid7’s recent Q3 Threat Landscape Report identified a significant number of threat actor campaigns exploiting software vulnerabilities. Integrated threat intelligence is a crucial component in successfully warding off such attacks.

Learn more about Rapid7 in AWS Marketplace here.

About Rapid7
Rapid7, Inc. (NASDAQ: RPD) is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7’s comprehensive security solutions help more than 11,000 global customers unite cloud risk management with threat detection and response to reduce attack surfaces and eliminate threats with speed and precision. For more information, visit our website, check out our blog, or follow us on LinkedIn or X.

Rapid7 Media Relations
Alice Randall
Director, Global Communications
press@rapid7.com
(857) 216-7804

Rapid7 Investor Contact
Ryan Gardella / Ryan Flanagan
ICR, Inc
investors@rapid7.com
(617) 865-4277

FAQ

What are Rapid7 Curated Intelligence Rules for AWS Network Firewall (RPD)?

A Rapid7 offering that delivers vetted Indicators of Compromise as deployable rule groups directly into AWS Network Firewall.

How do RPD Curated Intelligence Rules reduce operational overhead?

They provide continuously updated, curated detections and rule groups so security teams avoid manual rule creation and maintenance.

What is Decay Scoring in Rapid7's RPD rule sets and why does it matter?

Decay Scoring automatically retires IOCs after a threshold so delivered intelligence remains fresh and relevant.

Which attack scenarios do RPD Curated Intelligence Rules aim to address?

They target ransomware C2 blocking, network reconnaissance detection, data exfiltration prevention, and malicious domain identification for phishing.

When did Rapid7 announce the AWS Network Firewall integration for RPD?

Rapid7 announced the Curated Intelligence Rules for AWS Network Firewall on November 20, 2025.

How can customers deploy Rapid7 Curated Intelligence Rules in AWS?

Customers can deploy protections with a few clicks in the AWS console via the AWS Marketplace listing linked by Rapid7.