informa
Products & Releases

Rapid7 Sponsors Open Source Projects In Magnificent7 Program

Program created to fuel the success of seven bleeding-edge open source projects
Boston, MA - March 29, 2012 - Rapid7, the leading provider of security risk intelligence solutions, today announced that it will be sponsoring open source projects Androguard and Cuckoo Sandbox throughout the year. This is the first stage in the Magnificent7 Program, an initiative created to fuel the success of seven bleeding edge open source projects and backed by a fund of $100,000. Participants can benefit from both financial support and access to technical, business and marketing expertise and mentors.

Androguard and Cuckoo Sandbox's vision and active community of contributors and users set them apart from the other entrants. The projects were selected for the first round of Magnificent7 sponsorships due to their innovative approach to traditional and mobile-based malware analysis. According to the recent Verizon Breach Report1, malware was involved in 69% of breaches in 2011, making its mitigation a huge priority for security professionals.

"The open source community plays a vital role in the creation of innovative solutions to address the increasingly complex security challenge we all face," said HD Moore, chief security officer of Rapid7 and chief architect of the Metasploit open source project. "Projects like Androguard and Cuckoo Sandbox are using cutting edge technologies to solve once unsolvable problems. With the backing of Rapid7, they will now have the financial, marketing and technical resources available to continue to deliver solutions that address real, critical problems."

The open source projects being supported in the first round of Rapid7's Magnificent7 program are:

Androguard

Androguard, the work of Anthony Desnos and Geoffroy Gueguen, is an advanced tool for the analysis of mobile malware that attacks Android platforms or as Desnos likes to describe it, "a native decompiler of Android applications." Androguard employs a specialized static environment for analysis via the Google Summer of Code-sponsored DroidBox, for which Desnos was a mentor. With the help of the Magnificent7 Program, the Androguard team plans to solidify the reverse engineering sessions, including the integration and amelioration of DroidBox, as well as supporting ARM libraries for analysis. In addition, they aim to create a Graphical User Interface to enhance the user experience.

"Mobile malware is a rapidly growing problem and we're developing Androguard to help defend the most attacked mobile operating system by pulling, analyzing and mitigating Android malware,' said Anthony Desnos, core developer of Androguard. "Working with Rapid7 not only gives us the financial support we need to meet our next round of key developments, it also gives us access to great technical resources to help us develop our vision and strategy for the product."

Cuckoo Sandbox

Cuckoo Sandbox is an application that provides a virtual sandbox for the automatic analysis of malware specimens. Originally developed by Claudio Guarnieri for the Google Summer of Code, the project became so popular it is now a mainstay of the Honeynet Project, a leading international research institution with a special focus on malware. The platform allows for the automatic capture and advanced analysis of dangerous strains of malware in a contained environment. Working with Rapid7 will enable Cuckoo Sandbox to increase its ability to adapt to the user's needs through configurable modules, as well as extending the virtualization capabilities, which include self-protection from the malware specimens.

"The vision of Cuckoo Sandbox is to provide an open source and customizable means of analyzing malware in a safe environment," said Claudio Guarnieri, creator of Cuckoo Sandbox. "Giving the masses an opportunity to dive deep into what kinds of malware are attacking their systems will raise the bar on network security. The Magnificent7 Program will help us develop our marketing and awareness strategies to reach a broader audience and create a more iterative feedback program with our customers. This will help us build the functionality on the technical side to truly address our customers' needs."

If you have an innovative open source project that addresses a problem in the security space, Rapid7 would like to hear from you! Please visithttps://community.rapid7.com/community/open_source/magnificent7 for details on the submission process.

About Rapid7

Rapid7 is the leading provider of security risk intelligence solutions. Rapid7's integrated vulnerability management and penetration testing products, Nexpose and Metasploit, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7's solutions are being used by more than 2,000 enterprises and government agencies in more than 65 countries worldwide, while the Company's free products are downloaded more than one million times per year and enhanced further by over 125,000 security community users and contributors. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a “Top Place to Work” by the Boston Globe. The Company is backed by Bain Capital Ventures and Technology Crossover Ventures. For more information about Rapid7, please visit http://www.rapid7.com.

Recommended Reading: