Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

8/22/2011
01:13 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Rapid7 Launches Open Source Investment Program

Rapid7 has offered a total of $100,000 to split between up to seven projects over the coming year

Boston, MA – August 22, 2011 – Rapid7, the leading provider of security risk intelligence solutions, today announced the creation of a $100,000 investment fund to support up to seven promising open source projects in the security industry. The “Magnificent7” projects will be identified and supported through the remainder of 2011 and into 2012, with the first round of winning projects being evaluated at the upcoming UNITED Security Summit (September 19 - 20, 2011 in San Francisco, CA).

“Dedication to the open source community and a belief in continued innovation through collaboration are just two of the things that drive Rapid7’s success today,” said HD Moore, Rapid7 chief security officer and Metasploit chief architect. “This investment of $100,000 to fund the Magnificent7 program is both a demonstration of our commitment and a way to improve the open source security ecosystem as a whole.”

Any security-related open source project – with a preference for BSD-compatible licensing – is applicable and encouraged to submit a “Magnificent7” application. After the Rapid7 program committee reviews all initial proposals, promising projects will be chosen to participate in the second round of application, taking place at the UNITED Security Summit, where they will be granted a 45-minute presentation and in-person Q&A session with the Rapid7 committee. During their pitch, participants will be judged based on several criteria including a working demonstration of the software and the caliber of their project roadmap. Selected recipient(s) for the first funding phase will be announced following the UNITED Security Summit and the second round will open for submissions in Q1 2012.

As a well-known open source supporter, this program augments Rapid7’s already deep community involvement. In 2009, Rapid7 acquired the Metasploit' Project, which created the most widely used and mature penetration testing solution on the market with more than one million unique downloads and the world’s largest, public collection of quality-assured exploits. In July 2010, Rapid7 followed this by sponsoring and partnering with w3af, the open source Web application attack and audit framework, to expand its collaboration with the open source community and further provide the industry with solutions for securing Web and application infrastructure. Most recently, in June 2011, Rapid7 announced its sponsorship of Openwall’s “John the Ripper” project, supporting the initiative in order to help complete the project’s research.

To submit a nomination for Magnificent7 funding consideration, please visit the Rapid7 Community website for details and guidelines and email the submission to [email protected] All first round submissions are due by September 9, 2011.

All first round participants must be registered to attend the UNITED Security Summit. For more information about the UNITED Security Summit and to register, please visit http://www.unitedsummit.org/.

About Rapid7

Rapid7 is the leading provider of security risk intelligence solutions. Rapid7's integrated vulnerability management and penetration testing products, NeXpose and Metasploit, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7's solutions are being used by more than 1,600 enterprises and government agencies, while the Company's free products are downloaded more than one million times per year and enhanced further by over 125,000 security community users and contributors. Rapid7 has been recognized as one of the fastest growing security companies worldwide by Inc. Magazine and is backed by Bain Capital Ventures.

For more information about Rapid7, please visit http://www.rapid7.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/1/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13775
PUBLISHED: 2020-06-02
ZNC before 1.8.1-rc1 allows attackers to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network.
CVE-2020-12607
PUBLISHED: 2020-06-02
An issue was discovered in fastecdsa before 2.1.2. When using the NIST P-256 curve in the ECDSA implementation, the point at infinity is mishandled. This means that for an extreme value in k and s^-1, the signature verification fails even if the signature is correct. This behavior is not solely a us...
CVE-2020-13764
PUBLISHED: 2020-06-02
common.php in the Gravity Forms plugin before 2.4.9 for WordPress can leak hashed passwords because user_pass is not considered a special case for a $current_user->get($property) call.
CVE-2020-13760
PUBLISHED: 2020-06-02
In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF.
CVE-2020-13761
PUBLISHED: 2020-06-02
In Joomla! before 3.9.19, lack of input validation in the heading tag option of the "Articles - Newsflash" and "Articles - Categories" modules allows XSS.