informa
/
Threat Intelligence
Quick Hits

Rapid7 Acquires Velociraptor Open Source Project

The company plans to use Velociraptor's technology and insights to build out its own incident response capabilities.

Security firm Rapid7 today confirmed its acquisition of Velociraptor, an open source technology and community focused on endpoint monitoring, digital forensics, and incident response.

Velociraptor was built to help digital forensics and incident response (DFIR) professionals collect endpoint incident data, search for malicious activity, and analyze evidence if an attack occurs.

The platform was developed a few years ago by infosec specialist Mike Cohen, who previously worked on Google Rapid Response and Rekall, a memory analysis and forensic framework, along with community contributors.

This community approach lets DFIR professionals using Velociraptor share insight in a single place where it can be accessible to more people. Custom detections and analysis capabilities can be written in queries, which can then be shared so members of the community can hunt for new threats.

Rapid7 plans to continue expanding the Velociraptor community. While there are no plans to make it a commercial product, the company plans to integrate Velociraptor technology into its Rapid7 Insight platform – it has already started by embedding Velociraptor's endpoint data collection capabilities.

Read the full Rapid7 release and blog post for more information.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5