Rapid7 Business Model Canvas
Fully Editable
Tailor To Your Needs In Excel Or Sheets
Professional Design
Trusted, Industry-Standard Templates
Pre-Built
For Quick And Efficient Use
No Expertise Is Needed
Easy To Follow
Rapid7 Bundle
Discover a Security Vendor Business Model Canvas — concise enterprise scaling insights
Discover Rapid7's Business Model Canvas — a concise breakdown of customer segments, value propositions, channels, revenue and cost streams. This strategic snapshot reveals how Rapid7 scales security products and captures enterprise clients. Purchase the full, editable Canvas for detailed, actionable insights.
Partnerships
Hyperscale cloud providers
Alliances with AWS (≈32% IaaS market share 2024), Microsoft Azure (≈23%) and Google Cloud (≈12%) enable Rapid7 native integrations, marketplace listings and optimized data ingestion across the leading cloud stacks. Joint reference architectures and validated blueprints accelerate secure cloud adoption and deployment consistency for customers. Co-selling and co-marketing programs expand reach and lower acquisition costs, while deep technical partnerships boost performance, scalability and compliance mappings.
MSSPs and MDR partners
Service providers extend Rapid7’s coverage and deliver 24/7 operations for customers lacking in-house teams, leveraging a 2024 MDR/MSSP market that grew roughly 20% year-over-year to address rising demand for outsourced SOC capabilities. Co-delivery models amplify detection, triage, and response workflows, shortening mean time to detect and respond in partner deployments. Partners embed Rapid7 into their SOC stacks to standardize outcomes, boosting mid-market penetration and customer stickiness by materially increasing recurring contract value.
Technology alliances
Integrations with SIEM, EDR, SOAR, IAM, and ITSM vendors create end-to-end workflows that lower mean time to detect and remediate. Open APIs and certified connectors reduce deployment friction and support rapid scale; Rapid7 reported FY2024 revenue of $1.03B, reflecting platform adoption. Customers gain unified visibility and automated remediation paths across toolchains. Joint roadmaps ensure interoperability and future-proofing.
Channel resellers & integrators
Value-added resellers and global system integrators scale Rapid7 distribution and complex deployments, packaging its platform into broader security transformations; Rapid7 reported full-year 2024 revenue of 786.7 million USD. Implementation services shorten time-to-value for customers, while incentivized partner programs support predictable pipeline and renewals.
- Channel reach: global SIs enable enterprise rollouts
- Revenue: Rapid7 FY2024 786.7 million USD
- Services: implementation reduces time-to-value
- Programs: incentives drive renewals and pipeline
Threat intel & standards bodies
Collaboration with MITRE, ISACs, and vulnerability disclosure programs enriches Rapid7 detection content and shared research improves coverage of emerging threats. Standards alignment eases compliance reporting across the 16 critical infrastructure sectors recognized by US DHS. Community contributions and ISAC partnerships strengthen brand credibility and customer trust.
- MITRE collaboration: improved detection mapping
- ISACs: sector-aligned threat sharing
- VDPs: continuous vulnerability feed
Alliances with AWS/Azure/GCP, MDR partners cut MTTR; revenue $1.03B
Alliances with AWS (≈32% 2024 IaaS), Azure (≈23%) and GCP (≈12%) enable native integrations and marketplace reach. Partnered MDR/MSSPs address a ~20% YoY 2024 market growth, shortening MTTR. Open APIs and SI/VAR channels scale deployments; Rapid7 FY2024 revenue: $1.03B. MITRE/ISAC ties improve detection and compliance mapping.
| Partner Type | Example | 2024 Metric |
|---|---|---|
| Cloud | AWS/Azure/GCP | 32%/23%/12% IaaS share |
| Revenue | Rapid7 | $1.03B FY2024 |
| MDR/MSSP | Outsourced SOCs | ~20% YoY growth |
What is included in the product
Detailed Word Document
A compact, pre-written Rapid7 Business Model Canvas organized into the 9 classic BMC blocks, detailing customer segments, channels, value propositions, revenue streams, and key resources. Includes competitive advantage analysis and SWOT-linked insights, ideal for presentations, investor discussions, and strategic decision-making.
Customizable Excel Spreadsheet
High-level view of Rapid7’s business model with editable cells to quickly map its security products, revenue streams, and partner ecosystem, saving hours of formatting and enabling fast, shareable team collaboration for strategic decisions.
Activities
Platform R&D
Platform R&D focuses on continuous enhancement of vulnerability management, detection and response, and cloud security capabilities, with prioritization of analytics, automation, and user experience to reduce mean time to detect and remediate threats. Engineering maintains scalable data pipelines and multi-tenant architecture that process petabytes of telemetry, supporting over 10,000 customers as of 2024. Development cycles emphasize rapid iteration driven by threat evolution and direct customer feedback, shortening release cadences and improving platform efficacy.
Threat research & content
Rapid7 curates detections, analytics rules, playbooks, and remediation guidance to accelerate response and reduce dwell time; ongoing vulnerability intelligence and exploit research feed constant updates. Tuning of correlation logic lowers false positives and prioritizes alerts. Advisories and best-practice publications amplify community resilience, as cyber breaches averaged $4.45M in 2023 and the 2023 cybersecurity workforce gap remained ~3.4M.
MDR & security operations
Delivery of 24/7 monitoring, investigation, and response provides continuous visibility and rapid remediation for Rapid7 MDR customers. Incident handling, proactive threat hunting, and containment support reduce attacker dwell time and limit impact. Runbooks and automation streamline case workflows, cutting manual triage and accelerating resolution. Outcome-focused reporting quantifies risk reduction through metrics like incidents contained and time-to-remediate.
Customer success & enablement
Sales, partnerships & marketing
Sales, partnerships & marketing drive Rapid7s pipeline through direct, channel, and cloud marketplace motions, leveraging NASDAQ:RPD brand strength and ~ $1.0B 2024 revenue to fuel enterprise deals; partner recruitment, certification, and co-selling scale reach and reduce time-to-value. Thought leadership via events, webinars, and research sustains demand while pricing, packaging, and upsell motions align to measured product value.
- Pipeline: direct, channel, marketplace
- Partners: recruitment, certification, co-sell
- Demand: events, webinars, research
- Monetization: pricing, packaging, upsell
Petabyte pipelines powering 11,000+ customers and $1.0B revenue
Platform R&D and engineering scale multi-tenant data pipelines processing petabytes to support 11,000+ customers and $1.0B 2024 revenue; continuous analytics, automation, and UX improvements lower MTTR. Threat research, detections, playbooks and 24/7 MDR reduce dwell time amid a 3.4M workforce gap; average breach cost $4.45M (2023).
| Metric | Value |
|---|---|
| Customers | 11,000+ |
| Revenue 2024 | $1.0B |
| Breach cost 2023 | $4.45M |
Full Version Awaits
Business Model Canvas
The document you're previewing is the exact Rapid7 Business Model Canvas you will receive after purchase, not a mockup or sample. When you complete your order, you'll get the full, ready-to-use file formatted as shown, suitable for editing, presenting, and sharing. No hidden content or surprises—what you see is what you'll download.
Resources
Security research teams
Rapid7s security research teams—expert analysts and engineers—produce detections, rules, and exploit research that directly fuel MDR efficacy and platform relevancy. Heritage from community tools like Metasploit informs practical coverage and real-world detection tuning. As a public company (RPD) with over 1,700 employees in 2024, these teams are a defensible talent asset against competitors. Their insights shorten response cycles and raise product stickiness.
Data & telemetry corpus
Rapid7 maintains a petabyte-scale telemetry corpus ingesting millions of events per day across endpoints, network, identities and cloud to power detections and threat hunting. Decades of historical datasets train analytics and raise signal-to-noise, while normalization and enrichment pipelines add contextual metadata. Data gravity from aggregated customer telemetry improves detection accuracy and prescriptive recommendations.
Platform IP & tooling
Platform IP centers on microservices, APIs, and automation engines that enable scalable incident handling and continuous delivery; Rapid7 emphasized platform modernization in 2024 to improve deployment velocity. Proprietary correlation logic and remediation workflows differentiate detection-to-response effectiveness and reduce mean time to remediate. A broad integrations portfolio accelerates ecosystem value with native connectors to major cloud and SIEM vendors. Patents and extensive codebases protect competitive advantage and licensing leverage.
Brand & customer base
Rapid7s recognition in vulnerability management, XDR/MDR and cloud security drives customer trust, supported by a installed base of over 9,000 customers as of 2024; published case studies and references materially reduce sales friction and accelerate procurement. That installed base enables efficient cross-sell and upsell motion, while an active community and partner ecosystem strengthens talent acquisition and strategic partnerships.
- Brand recognition: vulnerability management, XDR/MDR, cloud security
- Scale: >9,000 customers (2024)
- Sales acceleration: case studies & references
- Growth levers: cross-sell, upsell, community-driven hiring
Partner ecosystem
Alliances with cloud, security, and services firms expand Rapid7s reach and integration footprint; Rapid7 is listed on NASDAQ under RPD and offers solutions via AWS Marketplace, Microsoft Azure Marketplace, and Google Cloud Marketplace to simplify procurement. Certified channels and partner training programs ensure consistent delivery quality, while joint solution bundles increase customer retention and stickiness.
- Alliances: cloud, security, services
- Marketplaces: AWS, Azure, GCP
- Certified channels: partner programs
- Outcomes: joint solutions boost retention
1,700+ engineers, petabyte telemetry, >9,000 customers
Rapid7s key resources: 1,700+ employees (2024) of security researchers and engineers, petabyte-scale telemetry ingesting millions of events/day, platform IP with microservices and integrations, and >9,000 customers (2024) plus NASDAQ listing RPD and cloud marketplace distribution.
| Resource | Metric | 2024 |
|---|---|---|
| Employees | Headcount | 1,700+ |
| Customers | Installed base | >9,000 |
| Telemetry | Scale | Petabyte; millions events/day |
Value Propositions
Unified risk-to-response
Unified risk-to-response delivers a single platform across vulnerability management, detection and response, and cloud security, cutting tool sprawl that in 2024 left many enterprises running 30–50 discrete security products. Consolidation lowers operational overhead and licensing complexity. Correlated analytics tie exposure to active threats so teams act with context, accelerating decisions that shrink industry-average dwell times (200+ days in 2024) and reduce business risk.
Full-attack-surface visibility
Full-attack-surface visibility discovers on-prem, endpoints, identities, SaaS, and cloud assets to build a context-aware asset inventory with misconfiguration insights. In 2024 the platform mapped assets continuously and correlated telemetry 24/7 to highlight exploitable paths. Prioritization ties exploitability to business impact so teams focus the top risks first. Clear remediation playbooks cut mean time to remediate and improve security posture efficiently.
Automation-driven speed
Built-in playbooks and orchestration in Rapid7 InsightConnect accelerate triage and containment, enabling customers to cut mean time to respond by up to 80% and link findings to fixes via closed-loop workflows; Rapid7 reported FY2024 revenue of approximately $1.06 billion, reflecting expanded automation adoption. Noise reduction with tuned detections reduces alert volumes for many customers by over 60%, so teams achieve more with limited headcount.
Compliance made practical
Policies and reports are mapped to common frameworks and regulations, enabling a single source of truth; Rapid7 reported FY2024 revenue of $1.02B, reflecting broad market adoption. Evidence collection and dashboards streamline audits, continuous monitoring reduces compliance drift, and executive reporting quantifies observed risk reduction.
- Framework mapping: ISO, NIST, SOC
- Audit efficiency: centralized evidence
- Drift control: continuous monitoring
- Risk metric: executive dashboards
Rapid time-to-value
SaaS delivery, prebuilt content and guided onboarding shorten deployment and reduce initial ops. Opinionated defaults provide immediate coverage while out-of-the-box integrations minimize configuration effort. Customers realize measurable outcomes quickly; Rapid7 (NASDAQ: RPD) emphasized SaaS-first productization in FY2024.
- faster deployment
- immediate coverage
- lower config effort
Unified risk-to-response: MTTR up to 80%, alerts >60%
Unified risk-to-response reduces tool sprawl (30–50 products), consolidates VM, XDR and cloud security, and correlated analytics cut decision time versus 200+ day average dwell (2024). Full attack-surface mapping and prioritization speed remediation; InsightConnect automation can cut MTTR up to 80% and reduce alerts >60%. SaaS delivery and guided onboarding supported Rapid7 FY2024 revenue of ~$1.06B.
| Metric | 2024 |
|---|---|
| Revenue | $1.06B |
| Avg dwell | 200+ days |
| Tool sprawl | 30–50 products |
| MTTR cut | up to 80% |
| Alert reduction | >60% |
Customer Relationships
Subscription support tiers
Subscription support tiers map to urgency and complexity with SLAs, ticketing and clear escalation paths; higher tiers include technical account management and dedicated TAMs. Rapid7 reported over $900M revenue in 2024, enabling reinvestment in support. Predictable SLAs and TAM-driven guidance bolster retention, aligning with enterprise security SaaS renewal rates typically above 90%.
Dedicated MDR engagement
Named MDR analysts provide 24/7 monitoring and incident collaboration, with quarterly reviews to align on threats, posture, and improvements. Clear, timely communication during incidents builds trust and reduces operational friction. Outcome reports quantify value—showing ROI, SLA adherence and risk metrics—supporting cost avoidance against the average breach cost of $4.45M reported in 2024 by IBM.
Community & self-service
Knowledge bases, forums and content libraries empower Rapid7 users to self-diagnose and deploy Insight platform features quickly. Playbooks and templates cut ramp time significantly, with self-service adoption linked to ~30% lower support costs and 10–15% higher CSAT in 2024 industry studies. Peer exchange in community forums accelerates best-practice adoption and further reduces ticket volume, lifting overall customer satisfaction.
Onboarding & training
Onboarding and training combine workshops, certifications, and guided deployments to drive role-based enablement for analysts, admins, and executives; Rapid7’s 2024 program emphasizes measurable milestones that track adoption and tie features to real-world workflows to reduce mean time to remediation.
- Workshops: hands-on guided deployments
- Certifications: role-based for analysts/admins/executives
- Milestones: measurable adoption KPIs
- Education: maps features to workflows
Product feedback loops
Advisory boards and structured beta programs directly shape Rapid7s roadmap, translating customer priorities into release plans; in-app feedback and telemetry then drive real-time prioritization and backlog decisions. Co-innovation projects with key accounts ensure enterprise fit and accelerate feature adoption, while faster iteration cycles increase platform stickiness and reduce churn.
- Advisory boards → roadmap alignment
- Beta programs → validated features
- Telemetry → prioritization signals
- Co-innovation → enterprise fit
- Faster iterations → higher retention
$900M revenue + >90% renewals show SLA-backed MDR value
Subscription tiers + TAMs deliver SLA-backed retention; Rapid7 revenue ~$900M in 2024 funds support expansion and correlates with enterprise renewal rates >90%. Named MDR analysts offer 24/7 response and outcome reports tied to ROI; IBM 2024 average breach cost $4.45M underscores value. Self‑service + training cut support costs ~30% and lift CSAT ~10–15%.
| Metric | 2024 Value |
|---|---|
| Revenue | $900M |
| Renewal rate | >90% |
| Avg breach cost | $4.45M |
| Support cost reduction | ~30% |
| CSAT lift | 10–15% |
Channels
Direct enterprise sales
Account executives and solution architects drive complex enterprise deals at Rapid7, using consultative selling to align solutions to measurable risk outcomes; POCs validate fit and accelerate time-to-value, converting engagements into multi-year contracts that boost predictability—supporting Rapid7’s scale, with fiscal 2024 revenue of approximately $1.05 billion.
Channel partners
VARs and GSIs bundle Rapid7 products with services to create turnkey security offerings, extending reach into regional and vertical markets; Rapid7’s partner ecosystem exceeded 1,000 members in 2024 and accounted for roughly half of new bookings that year. Incentives and MDF programs drive joint pipeline development and co-marketing, while partner integration expertise accelerates deployment and time-to-value for customers.
Cloud marketplaces
Presence on AWS, Azure, and GCP simplifies procurement by matching buyers to certified offers and private contracts; Gartner reports worldwide public cloud services spending reached about $591 billion in 2023, underscoring cloud-first procurement. Private offers and cloud credits align to customer cloud budgets, usage-based pricing fits cloud-native buyers, and marketplace onboarding cuts vendor friction and accelerates time-to-value.
Website & self-serve
Trials, demos, and comprehensive documentation drive evaluation on Rapid7s website, feeding a product-led inbound motion that captured rising self-serve interest; Rapid7 reported roughly $1.03B revenue in FY2024, reflecting scale of digital demand. Clear pricing and packaging reduce friction for conversion, while automated digital nurture campaigns increase expansion and upsell within established accounts.
- trials/demos: evaluate product
- inbound PLG: drives signups
- pricing clarity: improves conversion
- digital nurture: fuels expansion
- 2024 revenue: ~$1.03B
Events & community
Webinars, conferences and user groups drive awareness and pipeline; Rapid7 reported $1.08B revenue in FY2024, reflecting scalable demand for community-led growth. Thought leadership (research, breach studies) amplifies credibility; hands-on labs accelerate product adoption; field events fortify partner ecosystems and channel sales.
- Webinars: scalable lead gen
- Thought leadership: research-driven trust
- Hands-on labs: faster adoption
- Field events: stronger partner ties
AEs and solution architects convert POCs to multi-year deals; partners >1,000 power ~50% bookings
Account executives and solution architects drive enterprise deals with POCs that convert to multi-year contracts, supporting Rapid7 FY2024 revenue of ~$1.05B. Partner ecosystem exceeded 1,000 members in 2024 and contributed ~50% of new bookings. Cloud marketplace presence (AWS/Azure/GCP) and PLG trials/demos accelerate procurement and self-serve adoption.
| Metric | Value |
|---|---|
| FY2024 Revenue | $1.05B |
| Partner Members (2024) | >1,000 |
| Partner New Bookings | ~50% |
| Cloud Marketplaces | AWS / Azure / GCP |
| Global Public Cloud Spend (2023) | $591B (Gartner) |
Customer Segments
Mid-market enterprises
Mid-market enterprises run lean security teams that need consolidation and automation to scale, favoring quick-win projects and budget-friendly deployments. MDR augments limited SOC capacity by providing 24/7 detection and response, reducing headcount needs. Cloud marketplace procurement is common, with Gartner forecasting about 75% of organizations will use marketplaces for software purchases by 2025.
Large enterprises
Large enterprises operate complex hybrid and multi-cloud estates, with 98% of organizations using cloud and 87% reporting multi-cloud deployments per Flexera 2024, driving demand for Rapid7 integrations and advanced analytics across environments. Global scale customers require 24/7 support, enterprise SLAs often targeting 99.99% availability, and dedicated account services. Compliance and reporting remain critical for audit, with regulatory mandates increasing security telemetry and retention requirements.
Regulated industries
Regulated customers—financial services, healthcare, and government—demand continuous monitoring, tamper-proof evidence, strict data residency and auditability; vendor risk and third-party assurance are critical as 2024 data shows the average breach cost at about $4.45M and roughly 60% of incidents involve third parties, driving adoption of continuous compliance and FedRAMP/sector-specific controls.
Cloud-native & SaaS firms
Cloud-native and SaaS firms operate in dynamic environments with rapid release cycles, requiring continuous IaC and CSPM posture controls to secure ephemeral infrastructure; Flexera 2024 reports 92% of enterprises pursue multi-cloud strategies. They prioritize API-first integrations and automation for developer velocity and favor usage-based procurement to align spend with consumption.
- Dynamic releases
- IaC & CSPM
- API-first automation
- Usage-based buying
Service providers & consultancies
Service providers and consultancies, especially MSSPs and systems integrators, standardize on platforms that deliver multi-tenant management and automation to scale operations and margin. Co-branded service offerings with vendor-led enablement drive recurring revenue and market reach. Robust APIs and partner enablement programs are required to support integrations, provisioning, and white-labeling at scale.
- Multi-tenant management
- Automation-first operations
- Co-branded revenue models
- Strong APIs & enablement
MDR adoption surges — 75% mid-market buys via marketplaces by 2025
Mid-market firms need consolidated, automated security; MDR reduces SOC headcount and 75% will buy via marketplaces by 2025 (Gartner).
Large enterprises demand hybrid/multi-cloud integrations—98% use cloud and 87% are multi-cloud (Flexera 2024); 99.99% SLAs and strong compliance required.
Regulated and cloud-native customers favor continuous monitoring, IaC/CSPM, API-first automation; average breach cost ~$4.45M (2024).
| Segment | Metric | Primary Need |
|---|---|---|
| Mid-market | 75% marketplace | Automated MDR |
| Enterprise | 98% cloud / 87% multi-cloud | Integrations & SLAs |
| Regulated | $4.45M breach cost | Continuous compliance |
Cost Structure
R&D and product teams
R&D and product teams drive salaries, tooling, and lab costs for continuous innovation, representing a major cost center in 2024 and exceeding 20% of Rapid7s revenue. Content development for detections and playbooks consumes dedicated headcount and contract resources, with ongoing investment in security testing and QA cycles to meet SLAs. Roadmap investment across modules prioritizes cross-product telemetry and automation to accelerate time-to-value and reduce churn.
Cloud infrastructure
Cloud infrastructure costs for Rapid7 center on compute, storage, and egress in a multi-tenant SaaS model, often representing the largest variable OpEx; industry public cloud spend reached about $600B in 2024, underscoring scale pressure. Log ingestion and analytics pipelines drive heavy per-GB costs and real-time query charges. High-availability and disaster-recovery add reserved capacity and cross-region replication premiums. Security and compliance tooling (WAF, SIEM, encryption) add continuous licensing and audit overhead.
Sales & marketing
Rapid7’s Sales & marketing combines field sales, SEs, and partner programs with demand generation, events and content; FY2024 S&M expense totaled $367 million, about 36% of revenue, funding commissions and marketplace fees as well as POC and pilot support costs that accelerate enterprise deals and channel uptake.
Customer success & MDR ops
- Shifts: three 8-hour rotations
- Training: ongoing onboarding and certifications
- Tooling: automation + case management
- Tuning: continuous reporting and SLA tracking
G&A and compliance
- Corporate functions: finance, HR, legal
- Certifications/audits: SOC 2, ISO 27001
- Facilities & remote enablement
- Insurance & governance
R&D >20% of revenue; S&M $367M (36%)
R&D and product engineering form the largest fixed investment, >20% of 2024 revenue as Rapid7 prioritizes detections and telemetry. Cloud infrastructure and data egress drive the largest variable OpEx. S&M was $367M (36% of revenue) supporting sales, partners and pilots. G&A, compliance and MDR ops add predictable SG&A and certification costs tied to $1.02B revenue.
| Cost Category | 2024 $M | % Rev |
|---|---|---|
| R&D | 204 | 20% |
| Cloud | 180 | 17.6% |
| S&M | 367 | 36% |
| G&A | 100 | 9.8% |
Revenue Streams
SaaS subscriptions
Rapid7's SaaS subscriptions drive recurring licenses for vulnerability management, XDR, and cloud security, with subscription revenue accounting for over 90% of total revenue in 2024. Tiered packaging by features and scale enables upsell across SMB to enterprise. Annual and multi-year terms increase ARR visibility and retention. Pricing is per seat, per asset, or per data volume to match customer scale.
MDR services
Rapid7s MDR services deliver 24/7 detection and response with pricing tied to endpoints, log volume, or tiered feature bundles, driving predictable recurring revenue; Rapid7 reported FY2024 revenue of about $1.08 billion. Premium incident response add-ons boost ARPU and one-time services revenue. High retention stems from operational dependency and integrated telemetry, lowering churn and increasing lifetime value.
Professional services
Rapid7 professional services deliver deployments, assessments, and advisory engagements via fixed-scope and time-and-materials models, plus training and certifications to accelerate customer onboarding. In fiscal 2024 Rapid7 exceeded roughly 1.01 billion in revenue, with services driving adoption and expansion across its security platform. Services upsell increases ARR retention by improving product utilization and enabling larger renewals.
Cloud marketplace deals
Cloud marketplace deals for Rapid7 transact via AWS, Azure and GCP marketplaces using private offers and EDP drawdowns to accelerate procurement and reduce friction; co-sell incentives with cloud providers further boost deal volume and channel reach.
- Channels: AWS, Azure, GCP
- Pricing: private offers and EDP drawdowns
- Benefit: faster procurement, lower friction
- Growth driver: co-sell incentives increase volumes
Upsell & cross-sell
Upsell and cross-sell drive revenue by adding modules, data ingestion capacity, and automation packs, while expanding licensing into new teams and regions in 2024; feature upgrades and premium support increase ARPU and retention. The land-and-expand motion systematically raises customer lifetime value through staged expansion and higher-tier adoption. Rapid7 leverages these levers to convert deployments into platform-wide accounts and service contracts.
SaaS-first security: 90%+ revenue; ARR, add-ons lift ARPU & retention
Rapid7's SaaS subscriptions accounted for over 90% of total revenue in FY2024, driving recurring ARR and per-seat/asset/data volume pricing. MDR and premium incident response add-ons raise ARPU via endpoint/log-volume pricing and retain customers. Professional services accelerate adoption, enable expansion, and support renewals.
| Revenue Stream | 2024 contribution | Pricing model | Key metric |
|---|---|---|---|
| SaaS subscriptions | >90% of $1.08B | seat/asset/data | ARR |
| MDR & IR | Not separately disclosed | endpoints/log-volume/tiered | ARPU |
| Professional services | Not separately disclosed | fixed/T&M | adoption |