PRESS RELEASE

San Francisco, CA at the UNITED Security Summit - September 20, 2011 - Governance, Risk and Compliance solutions provider, Brinqa and Rapid7, the leading provider of security risk intelligence solutions, today announced a technology partnership that delivers integrated penetration testing and exploit data with compliance and risk management for the first time. The companies demonstrated the pioneering integration at the UNITED Security Summit, giving attendees insight into the benefits of having meaningful information on real-world exploits and verified vulnerabilities directly imported into a continuous risk management solution used to address Governance, Risk and Compliance (GRC) measures. Now, organizations can run vulnerability scans and penetration tests required by standards such as PCI DSS and leverage the information directly in the tools used to manage the overall compliance process. This significantly reduces the pain associated with meeting the requirements of these standards; increasing productivity and delivering peace-of-mind for business leaders.

"In today's changing threat landscape, it is critical that organizations have an accurate, precise, and meaningful understanding of their security posture and controls performance, both to meet regulatory requirements and to protect themselves and their customers against attacks," said Sheldon Malm, senior director of security strategy and alliances at Rapid7. "By exposing penetration testing data along with vulnerability findings in a platform like Brinqa's, defenders gain far more insight than the simple patch auditing approaches of the past. With that awareness, customers can address security and compliance needs in a way that is practical, productive and fully embedded within operational processes."

Rapid7's vulnerability management solution, Nexpose, and penetration testing tool, Metasploit, combine to give users meaningful security risk intelligence so they can understand and enhance their security posture. Found vulnerabilities are mapped against real-world exploit data, enabling users to prioritize remediation for maximum productivity and impact. Combining this rich data with Brinqa's intuitive GRC platform enables defenders to centralize the intelligence they need within a single risk management platform for in-depth analysis.

Remediation of the high-risk vulnerabilities identified by Rapid7 will be managed within Brinqa's closed loop issue and action tracking process. The information is incorporated into Brinqa's executive level dashboards and easy-to-consume reports to communicate the evidence necessary to support investments in managing risks and preventing data breaches with the largest potential business and operational impacts. This new partnership continues to strengthen Brinqa's Risk Manager, already the leading product offering a centralized view of risk.

"Leveraging Brinqa's advanced risk modeling and Rapid7's Nexpose and Metasploit solutions offers organizations a truly unified view of their risk and most significant vulnerabilities for the first time," said Amad Fida, CEO of Brinqa. "Not only does this partnership uniquely enhance our customers' understanding of their risk posture, but it also provides a cohesive solution for managing risk reduction."

This partnership builds on both companies' commitment to building the risk intelligence and management ecosystem, extending the value delivered to customers through integrated solutions that increase efficiency and effectiveness.

About Brinqa Brinqa provides enterprises and government agencies with governance, risk management, and compliance solutions that enable the continuous improvement of operational and regulatory efficiencies and effectiveness. Brinqa's offering is the most comprehensive available on the market today, based on our forward-thinking vision of a centralized, fully automated, and re-usable governance, risk and compliance (GRC) platform combined with targeted applications to meet program specific GRC needs. Brinqa streamlines compliance through automation, monitoring of controls, measurement of key metrics and visibility through executive dashboards and reporting. For more information please contact us via email at [email protected] or visit us at www.brinqa.com.

About Rapid7

Rapid7' is the leading provider of security risk intelligence solutions. Rapid7's integrated vulnerability management and penetration testing products, Nexpose' and Metasploit', empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7's solutions are being used by more than 1,600 enterprises and government agencies, while the Company's free products are downloaded more than one million times per year and enhanced further by over 125,000 security community users and contributors. Rapid7 has been recognized as one of the fastest growing security companies worldwide by Inc. Magazine and is backed by Bain Capital Ventures.