The company plans to use Velociraptor's technology and insights to build out its own incident response capabilities.

Dark Reading Staff, Dark Reading

April 22, 2021

1 Min Read

Security firm Rapid7 today confirmed its acquisition of Velociraptor, an open source technology and community focused on endpoint monitoring, digital forensics, and incident response.

Velociraptor was built to help digital forensics and incident response (DFIR) professionals collect endpoint incident data, search for malicious activity, and analyze evidence if an attack occurs.

The platform was developed a few years ago by infosec specialist Mike Cohen, who previously worked on Google Rapid Response and Rekall, a memory analysis and forensic framework, along with community contributors.

This community approach lets DFIR professionals using Velociraptor share insight in a single place where it can be accessible to more people. Custom detections and analysis capabilities can be written in queries, which can then be shared so members of the community can hunt for new threats.

Rapid7 plans to continue expanding the Velociraptor community. While there are no plans to make it a commercial product, the company plans to integrate Velociraptor technology into its Rapid7 Insight platform – it has already started by embedding Velociraptor's endpoint data collection capabilities.

Read the full Rapid7 release and blog post for more information.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights