PRESS RELEASE

BOSTON & SAN JOSE, Calif. --May 25, 2010 -- Rapid7', the leading provider of unified vulnerability management, compliance and penetration testing solutions, and Agiliance, the leading provider of real-time integrated Governance, Risk and Compliance (GRC) solutions, today announced a technology integration that will provide rich vulnerability data, risk metrics, and enterprise compliance intelligence to customers. Armed with this vulnerability, threat and compliance information, organizations can make better informed business decisions to meet internal security policies and meet regulatory compliance requirements.

Organizations are experiencing more threats, both internal and external, and are increasingly turning to GRC solutions to both improve visibility into their enterprise-wide risk posture and automate compliance processes. To meet these critical business needs, Agiliance has integrated its GRC solution, RiskVisionTM, with Rapid7 NeXpose', the only integrated vulnerability management solution that allows organizations to manage network, operating system, Web application and database security strategies. NeXpose also provides the industry’s most comprehensive risk scoring and prioritized remediation reports. By combining rich threat data from NeXpose with RiskVision’s real-time risk and compliance management platform, joint customers now have a robust, closed loop solution that leverages the power of both platforms to proactively manage information security threats.

This unique integration brings together two of the industry’s top solutions. Rapid7 NeXpose received the highest possible rating of “Strong Positive” in Gartner's “MarketScope: Vulnerability Assessment, 2010.” In addition, Agiliance RiskVision received the highest possible rating of “Strong Positive” in the latest Gartner “MarketScope for IT-GRCM.” The integration of NeXpose IT asset and vulnerability data with the continuously monitored asset configuration, patch status and compliance metrics in Agiliance RiskVision allows organizations to understand their complete security posture in real-time. Agiliance’s industry leading workflow and bi-directional integrations with ticketing and patch management systems also enable organizations to automate the prioritization and response to threats based on business priorities.

“GRC is critical for meeting security best practices and protecting business-critical information. Combined with rich vulnerability data and compliance intelligence gathered across the entire IT infrastructure, GRC becomes even more effective,” said Mike Tuchen, president and CEO for Rapid7. “This integration gives joint customers access to richer, prioritized vulnerability and risk data for comprehensive analysis and visibility, even as their business and IT infrastructure continue to grow. Rapid7 provides vulnerability and asset data that no other security company harnesses with our vulnerability management solutions.”

“The integration with Rapid7 further strengthens Agiliance’s industry leading GRC solution, providing complete closed loop risk and compliance automation,” said Joe Fantuzzi, president and CEO for Agiliance. “By linking vulnerability and asset data results from Rapid7 NeXpose to compliance and risk requirements, this integration enables enterprises to achieve continuous compliance with automation and avoid audit fatigue.”

About Rapid7

Rapid7 is the leading provider of unified vulnerability management, compliance, and penetration testing solutions, delivering actionable intelligence about an organization’s entire IT environment. Rapid7 offers the only integrated threat management solution that enables organizations to implement and maintain best practices and optimize their network security, Web application security and database security strategies.

Recognized as the fastest growing vulnerability management company in the U.S. by Inc. Magazine, Rapid7 helps leading organizations such as Liz Claiborne, the United States Postal Service, Carnegie Mellon University and Red Bull to mitigate risk and maintain compliance for regulations such as PCI, HIPAA, FISMA, SOX and NERC. Rapid7 also manages the Metasploit Project, the leading open-source penetration testing platform with the world’s largest database of public, tested exploits. For more information, visit www.rapid7.com.

About Agiliance

Agiliance, founded in 2005, is a leading provider of enterprise Governance, Risk and Compliance (GRC) solutions. Global Fortune 5000 companies leverage Agiliance's award-winning technologies to address increasingly stringent GRC requirements and complex security threats. The Agiliance GRC solution enables organizations to manage their IT, security and operational risks more effectively, while reducing the cost of meeting compliance mandates. Agiliance RiskVisionTM is a fully integrated suite of GRC applications, delivered on a purpose-built GRC technology platform. RiskVision has received the highest rating of "Strong Positive" in the latest Gartner MarketScope for IT-GRCM, as well as the highest rating of "Leader" in the latest Forrester Wave for IT Risk and Compliance Software. For more information, visit www.agiliance.com.