Nassar Saddiq, GM MEA, Rapid7
In this conversation with CXO DX, Nasar Saddiq, General Manager – MEA, Rapid7, discusses the company’s unified approach to exposure management and detection response, its growing channel ecosystem, and how Rapid7 is helping enterprises simplify security operations while enhancing resilience and compliance.
You have a comprehensive cybersecurity portfolio. Can you take us through the broad areas of focus for Rapid7?
Yeah, so Rapid7, you know, we’ve been a cybersecurity company for almost 25 years now. We were quite well known for being in the vulnerability management space, where we really transformed as a company, and it has culminated in us building a platform to help power security operations in two main areas. One is around exposure management; the ability to unify risk, understand the risk posture, and help organizations analyze their security analytics quickly and cost-effectively. The other is our detection and response platform, which gives customers the ability to detect and respond to potential threats and attacks across on-prem, cloud, or hybrid environments. These can be consumed as managed services or through our technology stack, including our MDR services, five-level SOCs, and collector SIEM technology.
This is the first year you exhibited directly at GITEX. What was the focus for Rapid7 this year?
Yes, this was our first year participating independently at GITEX, and it’s a major launchpad for us. We used it to introduce our new local cloud instance, which ensures compliance with UAE data regulations. We’ve received DESC certification, meaning we meet local data-sovereignty requirements. There’s strong demand from regulated sectors, including ministries, municipalities, and the banking sector, for locally hosted solutions. We’re also announcing the establishment of the Rapid7 legal entity in the UAE, which strengthens our local presence and ability to serve both customers and partners in the region.
Tell us about your go-to-market approach and your channel ecosystem.
Our go-to-market strategy is built around our channel. We operate through a two-tier model with distributors representing us across the GCC. They help manage our reseller ecosystem, build relationships with the right partners, and provide pre-sales and technical support in local markets. We also collaborate with local VARs, MSSPs, and system integrators, along with alliance partners. Additionally, we have key relationships with hyperscalers like AWS, and since we host on AWS, being part of that ecosystem supports our long-term scale and growth.
How do you see the convergence of security tools into unified platforms?
We’re seeing significant convergence. Customers want to simplify and consolidate; many had separate solutions for cloud security, vulnerability management, application security, and detection and response. Now, they want unified visibility and open data platforms that allow them to track assets, technologies, and adoption in one place. Our Rapid7 Command platform provides that consolidated view, even integrating third-party data, including from competitive vendors. Customers may have multiple EDR, SIEM, or patch management tools, but through our platform, they can unify all of that under one source of truth.
What about OT security? Is that part of your coverage?
Absolutely. OT security is converging with infrastructure security, and visibility into IoT devices is essential. We integrate with third-party vendors like Honeywell to extend visibility across operational and industrial environments. For example, within vulnerability management, we can perform OT scans and represent them within our platform. We also connect through integrations with OT vendors as part of our attack surface management portfolio. So yes, OT and IoT visibility are fully supported as part of our integration ecosystem.
Do you have a dedicated focus on MSSPs?
Yes, we have an MSSP program for providers who want to consume our technology and build their services around it. They can leverage our exposure management and detection response technologies as collectors or SIEM engines to automate their operations. We also support partners who deliver managed vulnerability and attack surface management services. In addition, Rapid7 provides its own MDR services for customers who prefer to outsource detection and response entirely.
From your interactions with CISOs, what are the major cybersecurity challenges they face today?
The biggest challenge for CISOs and CIOs is demonstrating ROI and building an effective operating model for cybersecurity. Many have tools, services, and products in place, but they struggle to show the board tangible results in reducing risk. Spending on technology is rising, yet breaches are still increasing. Customers now want simplification and consolidation—they need to track value, improve visibility, and communicate measurable security outcomes to their boards. Through our platform, we help them establish a target operating model for cybersecurity that ties technology investments to results. We also focus on promoting cybersecurity culture—helping organizations ensure security awareness permeates HR, finance, and operations. Our field CTOs and advisory practices work closely with customers to elevate maturity and build resilient security cultures. After 25 years in the industry, we see this as core to advancing our mission.
How long has Rapid7 been active in the Middle East?
We’ve been investing in the region for almost ten years. I actually started the Rapid7 operations in the Middle East over eleven years ago. While I was initially based at our headquarters in the UK, we established direct operations locally around seven years ago with our regional office.
What are your key objectives for the months ahead?
Our strategy focuses on supporting regulated markets such as the public sector and financial services. The UAE’s national cybersecurity vision and growing investments in this domain make it a major priority for us. We aim to help government and enterprise customers strengthen their cybersecurity posture and achieve their digital transformation goals securely. That’s our main objective moving forward.
Leave a reply
