Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/30/2012
02:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Rapid7 Sponsors Open Source Projects In Magnificent7 Program

Program created to fuel the success of seven bleeding-edge open source projects

Boston, MA - March 29, 2012 - Rapid7, the leading provider of security risk intelligence solutions, today announced that it will be sponsoring open source projects Androguard and Cuckoo Sandbox throughout the year. This is the first stage in the Magnificent7 Program, an initiative created to fuel the success of seven bleeding edge open source projects and backed by a fund of $100,000. Participants can benefit from both financial support and access to technical, business and marketing expertise and mentors.

Androguard and Cuckoo Sandbox's vision and active community of contributors and users set them apart from the other entrants. The projects were selected for the first round of Magnificent7 sponsorships due to their innovative approach to traditional and mobile-based malware analysis. According to the recent Verizon Breach Report1, malware was involved in 69% of breaches in 2011, making its mitigation a huge priority for security professionals.

"The open source community plays a vital role in the creation of innovative solutions to address the increasingly complex security challenge we all face," said HD Moore, chief security officer of Rapid7 and chief architect of the Metasploit open source project. "Projects like Androguard and Cuckoo Sandbox are using cutting edge technologies to solve once unsolvable problems. With the backing of Rapid7, they will now have the financial, marketing and technical resources available to continue to deliver solutions that address real, critical problems."

The open source projects being supported in the first round of Rapid7's Magnificent7 program are:

Androguard

Androguard, the work of Anthony Desnos and Geoffroy Gueguen, is an advanced tool for the analysis of mobile malware that attacks Android platforms or as Desnos likes to describe it, "a native decompiler of Android applications." Androguard employs a specialized static environment for analysis via the Google Summer of Code-sponsored DroidBox, for which Desnos was a mentor. With the help of the Magnificent7 Program, the Androguard team plans to solidify the reverse engineering sessions, including the integration and amelioration of DroidBox, as well as supporting ARM libraries for analysis. In addition, they aim to create a Graphical User Interface to enhance the user experience.

"Mobile malware is a rapidly growing problem and we're developing Androguard to help defend the most attacked mobile operating system by pulling, analyzing and mitigating Android malware,' said Anthony Desnos, core developer of Androguard. "Working with Rapid7 not only gives us the financial support we need to meet our next round of key developments, it also gives us access to great technical resources to help us develop our vision and strategy for the product."

Cuckoo Sandbox

Cuckoo Sandbox is an application that provides a virtual sandbox for the automatic analysis of malware specimens. Originally developed by Claudio Guarnieri for the Google Summer of Code, the project became so popular it is now a mainstay of the Honeynet Project, a leading international research institution with a special focus on malware. The platform allows for the automatic capture and advanced analysis of dangerous strains of malware in a contained environment. Working with Rapid7 will enable Cuckoo Sandbox to increase its ability to adapt to the user's needs through configurable modules, as well as extending the virtualization capabilities, which include self-protection from the malware specimens.

"The vision of Cuckoo Sandbox is to provide an open source and customizable means of analyzing malware in a safe environment," said Claudio Guarnieri, creator of Cuckoo Sandbox. "Giving the masses an opportunity to dive deep into what kinds of malware are attacking their systems will raise the bar on network security. The Magnificent7 Program will help us develop our marketing and awareness strategies to reach a broader audience and create a more iterative feedback program with our customers. This will help us build the functionality on the technical side to truly address our customers' needs."

If you have an innovative open source project that addresses a problem in the security space, Rapid7 would like to hear from you! Please visithttps://community.rapid7.com/community/open_source/magnificent7 for details on the submission process.

About Rapid7

Rapid7 is the leading provider of security risk intelligence solutions. Rapid7's integrated vulnerability management and penetration testing products, Nexpose and Metasploit, empower organizations to obtain accurate, actionable and contextual intelligence into their threat and risk posture. Rapid7's solutions are being used by more than 2,000 enterprises and government agencies in more than 65 countries worldwide, while the Company's free products are downloaded more than one million times per year and enhanced further by over 125,000 security community users and contributors. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a “Top Place to Work” by the Boston Globe. The Company is backed by Bain Capital Ventures and Technology Crossover Ventures. For more information about Rapid7, please visit http://www.rapid7.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...
CVE-2021-3197
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.