Wolfman1984

Metasploit Sold

9 posts in this topic

October 21, 2009

I'm extremely pleased to announce Rapid7's acquisition of Metasploit, the leading open source penetration testing framework and world's largest database of public, tested exploits. We believe the acquisition deepens our leadership as the leading provider of vulnerability management, compliance and penetration testing solutions and will provide great value for our customers and partners.

As a result of the acquisition, we will leverage Metasploit technology to enhance our vulnerability management solution, Rapid7 NeXposeTM. At the same time we will not only maintain, but accelerate the open source framework Metasploit with dedicated resources and contributions. I’m also pleased to announce that HD Moore, the founder of Metasploit, will be joining Rapid7 full-time as Chief Architect of Metasploit and Chief Security Officer of Rapid7.

I'm excited about this news for a number of reasons:

The acquisition raises the bar to what our industry can expect from all those involved, be they vendors, end-users, partners or community members. Since joining Rapid7, I’ve learned about some of the key principles of network security: defense in depth, continuously identifying and fixing your vulnerabilities, and improving security through continuous investments in people, process, and technology. With this announcement we are embracing the role of industry innovator by providing better protection to you as our client, feeding the community and creating an environment open for dialog about the implementation of security best practices.

As a result of our union, we will be able to bring superior data on exploitability to our customers, helping them to prioritize and remediate key security issues. The exploit data will be directly embedded in our vulnerability management solution NeXpose, providing a whole new level of risk analysis capabilities to our clients, while ensuring that NeXpose, which will continue as a separate product, delivers the safest, most proactive and actionable vulnerability scanning capabilities in the industry.

We're thrilled that HD Moore and other key Metasploit contributors have joined Rapid7 to work full-time on the open source Metasploit Framework code. HD and the team will now have more dedicated resources and support to invest in exploit research and to create a broader penetration testing platform. As part of our support of the community, we will contribute vulnerability data from the NeXpose product to expand the accuracy and reliability of the Metasploit Framework, which will remain open source. It is a true win-win for everyone.

Finally, the combination of NeXpose and Metasploit will enable Rapid7 to continue to grow its relationship with partners and consultants, delivering improved technology and more comprehensive solutions for vulnerability management and penetration testing. Having a broader portfolio will further accelerate our dialog with our partner ecosystem to ensure that our solutions meet their needs.

Over the next weeks we will be providing additional details on our plans so please stay tuned to hear more from us. For additional information, please reference our press release on the acquisition as well as the FAQ below. If you have any feedback or suggestions regarding our announcement, I would love to hear from you.

It appears to be for the good of the project. We'll be able to judge after some time, I guess :P

0

Share this post


Link to post
Share on other sites

Rapid7 huh? Sounds Mmm interesting...

0

Share this post


Link to post
Share on other sites

Never heard of Rapid7 before, but it sounds like all that's changed is the ownership. They apparently hired on HD Moore as a developer, so unless Rapid7 pulls some bullshit it sounds like they basically just got funding.

0

Share this post


Link to post
Share on other sites

Will they still offer it for free.

I remember when some programs were bought, you had to pay for them.

I forget it now, but some password cracker bought by Semantic or something, If I remember right.

Well hope all turns out for the best.

0

Share this post


Link to post
Share on other sites

Will they still offer it for free.

I remember when some programs were bought, you had to pay for them.

I forget it now, but some password cracker bought by Semantic or something, If I remember right.

Well hope all turns out for the best.

0

Share this post


Link to post
Share on other sites

Will they still offer it for free.

I remember when some programs were bought, you had to pay for them.

I forget it now, but some password cracker bought by Semantic or something, If I remember right.

Well hope all turns out for the best.

Yeah he will, he said that it is very important to keep the open source community alive and will keep it completely open source. Maybe they pro version will just come with training or support or something. Hell, even if you pay for it, it's the best to have around. He's the best at what he does - writes code to break stuff.

0

Share this post


Link to post
Share on other sites

Open source it where its at. I for one will defiantly be monitoring the progress of this.

Regards,

Diablo69

0

Share this post


Link to post
Share on other sites

It will have to remain open source or they will have to rewrite large portions of metasploit. Metasploit is made up of a lot of different tools that other developers have made that have either been used as is or modified to be part of the framework. The licenses are mostly various forms of open source so they would have to get the rights to sell the product with those other libraries that they are using.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now