September 2025 Release Notes
The Command Platform release notes include information about what’s new, which is updated monthly, and improvements and fixes, which are updated weekly.
Last updated: September 2nd, 2025
What’s New
Learn about new features across the Command Platform. These features were released over the past month and are available now:
- Prioritize high-impact fixes with Remediation Hub for Vulnerability Management (InsightVM)
- Validate internal segmentation controls with Vector Command Advanced
- Explore Vulnerability Management (InsightVM) with refreshed visuals
Attack surface
Your attack surface is comprised of all of the potential entry points that attackers could exploit across your systems, applications, and networks. Developing knowledge of your attack surface is a key goal in improving your company’s security posture.
Risk
Risk is the potential for loss or damage to your assets, operations, or reputation, due to vulnerabilities being exploited by a bad actor. Security teams must assess the risk level by evaluating the likelihood of a threat occurring and the impact that it would have if realized.
- Prioritize high-impact fixes with Remediation Hub for Vulnerability Management (InsightVM)
- Validate internal segmentation controls with Vector Command Advanced
- Explore Vulnerability Management (InsightVM) with refreshed visuals
Prioritize high-impact fixes with Remediation Hub for Vulnerability Management (InsightVM)
In Vulnerability Management (InsightVM), Remediation Hub is now available to all customers, bringing data-driven remediation guidance to the forefront of your vulnerability management strategy. Powered by the threat-aware Active Risk Score, this feature enables teams to reduce risk faster and more efficiently.
With this capability from Response & Remediation > Remediation Hub, you can:
- Accelerate risk reduction by targeting remediations that eliminate large volumes of vulnerabilities in bulk.
- Minimize rework with intelligent supersedence logic that identifies the most effective fix.
- Maximize team productivity by focusing effort where it has the highest impact.
Validate internal segmentation controls with Vector Command Advanced
In Continuous Red Teaming (Vector Command Advanced), this new managed services offering goes beyond visibility by proving exposure and segmentation effectiveness, bridging the gap between alerts and actionable control validation, and delivering compliance-ready evidence for PCI, ISO, NIST, and internal audits.
With this capability from Findings > Red Team Findings, you can:
- Conduct a goal-based internal penetration test and segmentation test each year.
- Generate compliance-ready evidence for frameworks like PCI, ISO, and NIST.
- Receive persistent reconnaissance of your external attack surface to discover internet-facing assets.
- Review expert-vetted findings to drive prioritization and incorporate expert remediation guidance.
Explore Vulnerability Management (InsightVM) with refreshed visuals
In Vulnerability Management (InsightVM), the cloud-based experience has been updated to align with other user interfaces on the Command Platform. This refresh modernizes colors, fonts, and styling, bringing consistency across the Command Platform without changing how you use our solutions.
With this update in Vulnerability Management, you can:
- Use a consistent and accessible visual language across the Command Platform.
- Navigate without needing to learn new workflows.
- Benefit from updated styling for 30+ components, including buttons, tables, and tooltips.
Threat
A threat is any potential event or action that could exploit vulnerabilities in a system, causing harm to assets, data, or operations. Threats can originate from various sources, including malicious actors, natural disasters, or unintentional human errors.
- Empower faster threat detection with AI-Powered Log Search
- Simplify GCP SCC Alerts with Triage-as-Code
- Add rich asset context to GCP SCC alerts with ICS enrichment
- Enhance Threat Coverage with Migrated Detection Rules
- Visualize detection coverage with MITRE ATT&CK mapping
Empower faster threat detection with AI-Powered Log Search
In SIEM, Managed Detection and Response (MDR), and Managed Threat Complete (MTC), searching logs can be slow and error-prone. Now, you can write queries in plain language to uncover threats more quickly.
With this capability from Alerts > Log Search, you can:
- Generate queries using natural language instead of LEQL syntax.
- Reduce troubleshooting time with proactive, contextual suggestions.
- Improve accessibility for new or non-technical analysts.
Simplify GCP SCC Alerts with Triage-as-Code
In SIEM, MDR, and MTC, alerts from Google Cloud SCC are now automatically translated into plain language using Triage-as-Code (TRaC). This reduces complexity and makes alerts easier to prioritize and act on.
With this capability from Alerts, you can:
- Understand GCP SCC alerts more clearly to speed up triage and response.
- Reduce errors caused by misinterpreting technical alert language.
- Empower less specialized analysts to confidently manage cloud alerts.
Add rich asset context to GCP SCC alerts with ICS enrichment
In SIEM, MDR, and MTC (requires an active Cloud Security account), Google Cloud Security Command Center (SCC) alerts now include deeper context through enrichment from Cloud Security (InsightCloudSec). Asset details, vulnerabilities, misconfigurations, and identity data are added directly to SCC alerts, giving analysts immediate visibility.
With this capability from Alerts, you can:
- Understand GCP SCC alerts more clearly to speed up triage and response.
- Reduce errors caused by misinterpreting technical alert language.
- Empower less specialized analysts to confidently manage cloud alerts.
Enhance Threat Coverage with Migrated Detection Rules
In SIEM, the Detection Library continues to expand, delivering faster and broader threat coverage. This month, seven legacy rules and five third-party source rules have been migrated into the unified library.
With this capability from Intelligence > Detection Rules, you can:
- Detect high-risk activities such as watched or admin-led password resets with new rules.
- View migrated User Behavior Analytics (UBA) rules in a single library.
- Gain faster insights with consistent access to rules.
Upcoming rule retirements:
- LDAP Admin Added
- Blacklisted Authentication
Administration
Administration focuses on refining platform controls, improving navigation, and enhancing user management. Updates streamline permissions, configurations, and logging, creating a more intuitive and efficient experience for administrators.
Sync vulnerability updates using ServiceNow’s new Yokohama AI
In Application Security (InsightAppSec) and Exposure Command, Rapid7’s integrations with ServiceNow ITSM and Application Vulnerability Response (AVR) are now certified on ServiceNow’s Yokohama release. This ensures compatibility and access to new ServiceNow features with no configuration changes required for existing users.
With this capability from ServiceNow’s Appstore, you can:
- Sync vulnerability updates directly to ServiceNow without switching platforms.
- Automatically pull newly discovered vulnerabilities into ServiceNow for streamlined triage.
- Reduce manual data entry and duplication, improving DevOps collaboration.
Improvements and Fixes
Keep track of improvements and fixes to core technology.
Application Security (InsightAppSec) and AppSpider
No updates released at this time.
Cloud Security (InsightCloudSec)
No updates released at this time.
SIEM (InsightIDR)
No updates released at this time.
Vulnerability Management (InsightVM)
Version 8.19.1
Software release date: Sep 01, 2025 | Release notes published: Sep 04, 2025
Fixed:
- Resolved an issue introduced in version 8.19.0 that impacted navigation during platform user creation. Navigation now behaves as expected.
- Fixed an issue affecting the scan duration timeout limit, ensuring that scans do not run beyond acceptable thresholds.
Nexpose
Version 8.19.1
Software release date: Sep 01, 2025 | Release notes published: Sep 04, 2025
Fixed:
- Fixed an issue affecting the scan duration timeout limit, ensuring that scans do not run beyond acceptable thresholds.
Digital Risk Protection (Threat Command)
No updates released at this time.
Rapid7 Agent
No updates released at this time.
Next-Generation Antivirus (NGAV)
No updates released at this time.
Ransomware Prevention
No updates released at this time.
Velociraptor
No updates released at this time.