Investing.com -- Stifel downgraded cybersecurity firm Rapid7 Inc (NASDAQ:RPD) to "Hold" from "Buy" as it trimmed its price target to $42 from $48 given a cautious outlook on the vulnerability management (VM) market.
Analyst noted that while Rapid7 has promising offerings like exposure command and potential to improve execution, the VM segment is seen as a lower priority in the cybersecurity landscape.
Boston-based Rapid7, which went public in 2015 at $16 a share, is projected to end fiscal 2024 with about $840 million in revenue.
Despite its roots in VM, the company has broadened its portfolio to include Threat Detection and Response, which now accounts for half of its annual recurring revenue and is growing in double digits.
Risk Management, which makes up the other half of recurring revenue, has faced execution challenges but offers opportunities for up-sell and cross-sell in areas like cloud security and attack surface management, Stifel noted.
Stifel acknowledged Rapid7’s undemanding valuation at 3.5x its estimated 2026 enterprise value-to-revenue and its potential as a takeover target. However, it said further signs of execution progress and greater prioritization of VM are needed to turn more constructive on the stock.