The company plans to use Velociraptor's technology and insights to build out its own incident response capabilities.
Security firm Rapid7 today confirmed its acquisition of Velociraptor, an open source technology and community focused on endpoint monitoring, digital forensics, and incident response.
Velociraptor was built to help digital forensics and incident response (DFIR) professionals collect endpoint incident data, search for malicious activity, and analyze evidence if an attack occurs.
The platform was developed a few years ago by infosec specialist Mike Cohen, along with community contributors. Cohen previously worked on Google Rapid Response and Rekall, a memory analysis and forensic framework.
This community approach lets DFIR professionals using Velociraptor share insight in a single place where it can be accessible to more people. Custom detections and analysis capabilities can be written in queries, which can then be shared so members of the community can hunt for new threats.
Rapid7 plans to continue expanding the Velociraptor community. While there are no plans to make it a commercial product, the company plans to integrate Velociraptor technology into its Rapid7 Insight platform – it has already started by embedding Velociraptor's endpoint data collection capabilities.
Read the full Rapid7 release and blog post for more information.