PRESS RELEASE

BOSTON, Mass. " March 3, 2009 " Rapid7, the leading provider of unified vulnerability management solutions, today announced its continued growth year over year with a revenue increase by 81 percent in 2008. Through funding from Bain Capital and expertise from new executive team members, Rapid7 added significant product features, launched its PartnerFirst program and attracted new customers across multiple verticals.

The increasing sophistication of intruder attacks using vulnerabilities found across networks, operating systems, databases and Web applications has attracted more organizations to Rapid7's ability to accurately locate threats, assess real risk and provide a streamlined remediation plan. In 2008, the company's total customer count increased by 71 percent, as new customers joined existing customers such as Biogen Idec, Choice Hotels International, Inc., and Hasbro, Inc.

Beyond expanding its customer base, Rapid7 formally launched its PartnerFirst program to build on its existing partner success. As a result, Trend Micro joined Rapid7 to provide a solution that helps safeguard e-commerce and web sites from cyber threats, such as cross-site scripting (XSS), SQL injection, data leaks, XPath injection and bot attacks as well as a broad range of other vulnerabilities.

To help customers and partners combat sophisticated threats, Rapid7 upgraded its vulnerability management product, NeXpose, to provide increased performance, productivity and compliance. Today, NeXpose includes unlimited enterprise-level scanning, full integration with Microsoft Active Directory and Kerberos, severity-based report filtering and SCADA system scanning for critical infrastructure protection. Rapid7 also expanded its Professional Services Organization in 2008 so customers can leverage penetration testing, PCI Compliance testing, Web application security audits, and social engineering assessments to define and test security policies.

"Our success in 2008 and the first half of Q1 in 2009 shows that organizations truly understand the first step in a solid defense-in-depth strategy and the development of a risk profile by accurately capturing vulnerabilities and knowing priorities for remediation," said Mike Tuchen, president and COO. "With the recent additional funding from Bain Capital and our expanded executive team, we'll continue to provide customers and partners the type of services and products that decrease security risks and help achieve compliance and best practices."

As a result of its capabilities and features, NeXpose received a "positive" rating by Gartner in its MarketScope for Vulnerability Assessment in 2008 and was recertified as an Approved Scanning Vendor (ASV) by the Payment Card Industry (PCI) Security Standards Council.

About Rapid7 Rapid7 is a leader in vulnerability management and compliance, delivering a single unified solution across an organization's entire infrastructure. Rapid7 NeXpose helps securities professionals to reduce their attack surface by providing actionable insights into the real threats from vulnerabilities across their entire IT infrastructure. Rapid7 NeXpose is the only solution that provides in-depth coverage of vital Web and database systems in addition to networked devices, servers, and operating systems. The NeXpose A.I. and Reporting Engines synthesize large quantities of raw data to provide direct insight into the vulnerabilities that represent the most risk to the business. From this insight the product delivers a set of prioritized remediation recommendations that help security professionals get protection fast. Organizations, including Black & Decker, Trader Joe's, Florida State University, the New York Times, and the City of Philadelphia, continually rely on Rapid7 products and services to mitigate risk and remain compliant. For more information, visit www.rapid7.com.