Company overview
Rapid7 is a cybersecurity platform trusted by thousands of organizations worldwide to unify endpoint-to-cloud exposure management, detection and response. When you're responsible for protecting other companies' infrastructure, there's no margin for error. For Director of Engineering Elaine Hardwick and Program Manager Amanda Jackson, maintaining that rigor at scale meant building a true Engineering Operations function. One that could provide clarity, drive improvement, and eliminate friction across every team, initiative, and incident for their 1,000-person engineering organization.
Key wins
Migrated 3,000 RDS instances across multiple regions in under 2 weeks that would have taken months with manual tracking
Eliminated spreadsheet-based program tracking across all major initiatives, replacing it with a continuously updated single source of truth
Accelerated delivery timelines by weeks through reduced context switching and coordination work
Cut incident response time significantly, giving any engineer on call instant access to ownership, dependencies, and runbooks, regardless of tenure
The challenge: A critical gap in information discovery
In late 2021, Log4shell ground engineering productivity to a halt. Teams across the organization spent days digging through git repositories, spreadsheets, and wikis, desperately trying to surface potentially affected software and figure out who owned what.
"Log4shell took up a ton of the Platform team's time," Elaine recalls. "We were trying to piece together package and ownership information without knowing whether this information was up to date. This sent us into a deep dive of service catalogs like OpsLevel and Backstage to shore up information and shorten time-to-find ownership."
But Log4shell was just the beginning. The deeper problem was that Rapid7 had no operational backbone connecting ownership data, system health, initiative tracking, and developer workflows into a coherent picture. Every function was running independently, and the organization was paying the tax in wasted developer time, stale information, and reactive firefighting.
"We wanted to ask which software was meeting the highest levels of operational maturity," Elaine says. "Has everyone made the switch from core infrastructure to newer modules? Are vulnerabilities actioned on within our SLAs? We wanted this information all in one place, updated automatically, without juggling multiple spreadsheets. That's when we found our way to Cortex."
The solution: Cortex as the Engineering Operations backbone
Rapid7 deployed Cortex to serve as the operational backbone for their engineering organization: centralizing visibility, automating standards enforcement, and embedding operational intelligence directly into developer workflows.
Where teams previously operated in silos, Cortex unified these functions under a common operational layer. Amanda says that the challenge ultimately boiled down to a simple, yet maddening reality about manual tracking:
"Walk away from a spreadsheet for a minute, and it's already stale, making program and software tracking really difficult and noisy for developers. With Cortex, we never have that issue. I can just trust that information is always up to date. Everything is transparently tracked, and we can leave devs alone that have already done what they need to do."
— Amanda Jackson, Program Manager, Rapid7
By centralizing their approach to tracking ownership, system health, and operational priorities, Rapid7's engineering leadership unlocked a new level of operational effectiveness. Instead of spending cycles maintaining spreadsheets, they could finally focus on executing high-impact initiatives.
The results: Weeks of work completed in days
The first win was accelerating a database upgrade initiative that previously would have consumed months of coordination effort. When upgrading 3,000 RDS instances across multiple regions, Cortex identified the right owners, tracked progress in real time, and notified only affected developers with clear instructions and deadlines.
"We went from what would have been months of work to under two weeks," Amanda says. "We could see exactly which instances were left and which teams were responsible."
"Without Cortex, we might have missed an upgrade and caused an outage. Since Cortex pulls directly from resource metadata, we always have the most accurate information without distracting developers."
— Elaine Hardwick, Director of Engineering, Rapid7
The impact extends beyond any single initiative. Cortex transformed how Rapid7 operates as an engineering organization day-to-day and incident response no longer depends on tribal knowledge.
"When we have an incident, the person receiving the notification can head straight to Cortex to view everything they need to know. They can drill down into ownership, on-call, and dependencies, check recent events across all connected tools, and access ReadMes and runbooks, all from one page."
— Amanda Jackson, Program Manager, Rapid7
Conclusion
For a company in the business of protecting its customers' infrastructure, operational excellence isn't optional. Rapid7 recognized that the engineering team's ability to move fast, respond to incidents confidently, and execute complex migrations without disruption was a direct reflection of the operational foundation they'd built with Cortex.
Cortex became the platform that made Engineering Operations a real, functioning discipline. Not a collection of siloed teams with spreadsheets, but a coherent function providing clarity, driving improvement, and removing friction across the entire organization.
"Cortex allows us to move faster and more securely. Without it, we're chasing down details during an incident, throughout a tool swap, or during day-to-day developer operations. There are all things which distract developers from building and shipping quickly. Now all these details are handed to us in a single place that's always up to date."
— Amanda Jackson, Program Manager, Rapid7
Ready to accelerate your engineering initiatives? Book a demo today to see how Cortex can help your team drive efficiency.
