8/22/2011
01:13 PM
Dark Reading
Products and Releases

Rapid7 Launches Open Source Investment Program

Rapid7 has offered a total of $100,000 to split between up to seven projects over the coming year

Boston, MA – August 22, 2011 – Rapid7, the leading provider of security risk intelligence solutions, today announced the creation of a $100,000 investment fund to support up to seven promising open source projects in the security industry. The “Magnificent7” projects will be identified and supported through the remainder of 2011 and into 2012, with the first round of winning projects being evaluated at the upcoming UNITED Security Summit (September 19 - 20, 2011 in San Francisco, CA).

“Dedication to the open source community and a belief in continued innovation through collaboration are just two of the things that drive Rapid7’s success today,” said HD Moore, Rapid7 chief security officer and Metasploit chief architect. “This investment of $100,000 to fund the Magnificent7 program is both a demonstration of our commitment and a way to improve the open source security ecosystem as a whole.”

Any security-related open source project – with a preference for BSD-compatible licensing – is applicable and encouraged to submit a “Magnificent7” application. After the Rapid7 program committee reviews all initial proposals, promising projects will be chosen to participate in the second round of application, taking place at the UNITED Security Summit, where they will be granted a 45-minute presentation and in-person Q&A session with the Rapid7 committee. During their pitch, participants will be judged based on several criteria including a working demonstration of the software and the caliber of their project roadmap. Selected recipient(s) for the first funding phase will be announced following the UNITED Security Summit and the second round will open for submissions in Q1 2012.

Rapid7 is a well-known open source supporter, and this program augments its already deep community involvement. In 2009, Rapid7 acquired the Metasploit Project, which created the most widely used and mature penetration testing solution on the market with more than one million unique downloads and the world’s largest, public collection of quality-assured exploits. In July 2010, Rapid7 followed this by sponsoring and partnering with w3af, the open source Web application attack and audit framework, to expand its collaboration with the open source community and further provide the industry with solutions for securing Web and application infrastructure. Most recently, in June 2011, Rapid7 announced its sponsorship of Openwall’s “John the Ripper” project, supporting the initiative in order to help complete the project’s research.

To submit a nomination for Magnificent7 funding consideration, please visit the Rapid7 Community website for details and guidelines and email the submission to [email protected]. All first round submissions are due by September 9, 2011.

All first round participants must be registered to attend the UNITED Security Summit. For more information about the UNITED Security Summit and to register, please visit http://www.unitedsummit.org/.

About Rapid7

Rapid7 is the leading provider of security risk intelligence solutions. Rapid7's integrated vulnerability management and penetration testing products, NeXpose and Metasploit, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7's solutions are being used by more than 1,600 enterprises and government agencies, while the Company's free products are downloaded more than one million times per year and enhanced further by over 125,000 security community users and contributors. Rapid7 has been recognized as one of the fastest growing security companies worldwide by Inc. Magazine and is backed by Bain Capital Ventures.

For more information about Rapid7, please visit http://www.rapid7.com.
