Rapid7 Acquires Metasploit

Company Brings Richer Exploit Data to Unified Vulnerability Management Solution; Metasploit Receives Dedicated Resources for Continued Growth and Development

BOSTON--()--Rapid7, the leading provider of unified vulnerability management, compliance and penetration testing solutions, today announced the acquisition of Metasploit, the principal organization behind the open source penetration testing framework and world’s largest database of public, tested exploits, the Metasploit Project. As a result of the acquisition, Rapid7 will leverage Metasploit to enhance its vulnerability management solution, Rapid7 NeXpose™, becoming the only company to deliver a full breadth of security assurance solutions and expertise. Rapid7 will also sponsor dedicated resources and contributions to the standalone, community-driven Metasploit Project to further its growth and success.

With the number of reported vulnerabilities increasing each day, organizations in all industries must seek comprehensive, unified security solutions that continuously prioritize risk, protect business-critical systems and data, and achieve compliance. By acquiring Metasploit, Rapid7 fulfills an industry void by bringing richer exploitability data to customers and partners benefiting from Rapid7 NeXpose, enabling them to better identify, prioritize and remediate critical security issues based on the knowledge of active exploits available. As a result, security teams are able to deliver maximum security benefits without straining limited resources.

“Metasploit and Rapid7 NeXpose are uniquely positioned to improve upon the industry-leading capabilities of both products and to raise the bar on the industry at large,” said Mike Tuchen, president and CEO of Rapid7. “With our broader solution portfolio, we are the first security provider to meet the demand of enterprises and government agencies in enabling them to identify and mitigate exploitable threats in their IT environment based on their security risk profile.”

In addition to expanding its reach to a broader audience as a result of the acquisition, the Metasploit Project can accelerate its open source development plans. Rapid7 is committed to furthering Metasploit’s development and is investing dedicated, full-time resources to achieve the project’s long-standing goals. Metasploit will continue to expand the exploit library and create a broader platform with publicly available exploits, helping organizations stay ahead of the changing threat landscape by providing the same information behind some of today’s malicious attacks.

With this acquisition, Rapid7 also gains additional industry expertise. HD Moore, the Metasploit Project founder and internationally recognized security expert, joins Rapid7’s executive team as chief security officer and will remain Metasploit’s chief architect. As CSO, Moore will continue to drive Metasploit and Rapid7 penetration testing innovation and expansion. Reporting to Moore are other Metasploit members who will join the Rapid7 team solely dedicated to the Metasploit Project’s progress.

“Since 2003, the Metasploit Project has focused on sharing security information and developing cutting-edge security products. This acquisition provides dedicated resources to the project, accelerating our growth and allowing us to provide even better solutions to the community. Rapid7 recognizes the value of the community and is passionate about the success of the project,” said HD Moore, chief security officer and chief architect, Metasploit. “Together, Metasploit and Rapid7 provide the best of both penetration testing and vulnerability management solutions, paving the way to deliver unique capabilities that will vastly improve how security flaws are managed.”

“For a number of years now, open source community security projects have provided important contributions to risk prevention research and technology. Without proper support, however, it can be difficult to keep community projects running and open source software current,” said Diana Kelley, partner and analyst, SecurityCurve. “Rapid7’s stated commitment to provide support for the Metasploit Project community work, while keeping the framework and tools free, means this acquisition can be a win for both teams.”

The combination of NeXpose and Metasploit will enable Rapid7 to continue to grow its relationship with partners and consultants, delivering improved technology and more comprehensive solutions for vulnerability management and penetration testing to help enterprises and government agencies implement and maintain security best practices.

For more information about the Metasploit Project, please visit www.metasploit.com.

For more details regarding the acquisition and Rapid7’s products and services, please go to www.rapid7.com.

About Rapid7

Rapid7 is the leading provider of unified vulnerability management, compliance, and penetration testing solutions, delivering actionable intelligence about an organization’s entire IT environment. Rapid7 offers the only integrated threat management solution that enables organizations to implement and maintain best practices and optimize their network security, Web application security and database security strategies.

Recognized as the fastest growing vulnerability management company in the U.S. by Inc. Magazine, Rapid7 helps leading organizations such as Liz Claiborne, Southern Company, the United States Postal Service, the New York Times, Carnegie Mellon University and the National Nuclear Security Administration (NNSA) to mitigate risk and maintain compliance for regulations such as PCI, HIPAA, FISMA, SOX and NERC . Rapid7 also manages the Metasploit Project, the leading open-source penetration testing platform with the world’s largest database of public, tested exploits. For more information, visit www.rapid7.com.

Contacts

SHIFT Communications for Rapid7
Amanda Munroe, 617-779-1816
press@rapid7.com

Contacts

SHIFT Communications for Rapid7
Amanda Munroe, 617-779-1816
press@rapid7.com