[ISN] Metasploit Project Sold To Rapid7

http://www.darkreading.com/vulnerability_management/security/management/showArticle.jhtml?articleID=220800067

By Kelly Jackson Higgins
DarkReading
Oct 21, 2009

Vulnerability management vendor Rapid7 has purchased the popular 
open-source Metasploit penetration testing tool project and named 
Metasploit founder HD Moore chief security officer of the company.

Moore, who is synonymous with the Metasploit Project , will continue as 
chief architect of Metasploit in his new role at Rapid7. He'll have an 
initial team of five Rapid7 researchers dedicated to the open-source 
project, some of whom already have been regular contributors to 
Metasploit. Financial terms of the deal were not disclosed.

Rapid7 plans to enhance its NeXpose vulnerability management product 
line and its own penetration testing services with Metasploit 
technology. The details on how Rapid7 -- which uses Metasploit in its 
penetration testing engagements -- will productize Metasploit are still 
being ironed out: Corey Thomas, vice president of products and 
operations at Rapid7, says he expects Rapid7 to keep Metasploit as a 
separate product with "high integration" with its existing products. 
"But this is all conjecture at this time," he says.

The goal is to leverage Metasploit's exploit technology to help identify 
which vulnerabilities discovered by NeXpose are actually exploitable, 
according to Thomas. "One of the things our customers have been pushing 
us for is how to get better data and information about their risk," he 
says. "And exploits are the key to that."

Either way, the potential for a commercial version of Metasploit 
represents a major shift in the penetration testing market, where 
vendors such as Core Security and Immunity have offered more 
user-friendly tools for enterprises.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org