Rapid7 Acquires Open-Source Community Project Velociraptor
Zscaler Is Also Boosting Cloud Capabilities by Picking Up Trustdome
Rapid7 is acquiring Velociraptor, an open-source, endpoint-monitoring, digital forensics and incident response organization and professional community that it will continue to operate as a stand-alone entity while Rapid7 adopts some of its technology.
The security analytics and automation company reported the deal on Wednesday and said it will use Velociraptor’s technology to enhance its incident response capabilities. At the same time, it will continue to help support and build the Velociraptor open-source community, Rapid7 says.
“We strongly believe that partnership with the open-source community is one of the most important ways to move the security industry forward and make the digital world a safer place for everyone,” says Richard Perkett, senior vice president of detection and response at Rapid7.
The deal has Rapid7 acquiring the rights to the Velociraptor IP, which is made available under an open-source license. The organization is also responsible for supporting the community of developers and analysts who use and contribute to the project. Rapid7 has now taken that over and will work to support the growth of the community, the company says.
Neither party indicated how many participants are currently involved in Velociraptor’s open-source community.
Rapid7 says it has no plan to monetize Velociraptor, but Sam Adams, vice president of engineering at Rapid7, says the company will utilize Velociraptor’s technology.
“We also plan to embed the Velociraptor Project into the Rapid7 Insight platform, allowing our customers to benefit from this amazing technology and community,” he says.
The companies did not reveal the financial details, but Rapid7 notes the acquisition is unlikely to affect the company’s financial results for 2021.
Velociraptor Capabilities
The open-source project was created in 2020 and is operated by its founder, Mike Cohen, formerly of Google’s incident response team. He will move over to Rapid7 and join its Detection and Rapid Response team, where he will continue his work to build Velociraptor’s community, Rapid7 says.
Cohen says he created the site to give cybersecurity practitioners a way to hunt and monitor activities across fleets of endpoints for specific artifacts as they respond to cyber incidents.
Adams notes the tools Velociraptor provides help incident response teams rapidly collect and examine artifacts from across a network and deliver forensic detail following a security incident. In the event of an incident, he says, an investigator can use Velociraptor agents to hunt for malicious activity, run targeted collections, perform file analysis and pull large data samples.
“As a first step to integrating Velociraptor into the Rapid7 Insight platform, we’ve already embedded Velociraptor’s endpoint data collection capabilities into our Insight agent, saving critical time as our MDR team pivots from monitoring their environment to responding to an incident,” he says.
Zscaler and Trustdome
The cloud security firm Zscaler on April 15 agreed to acquire the cloud infrastructure entitlement management firm Trustdome.
Zscaler says it will use the Trustdome acquisition to strengthen the company’s cloud protection capabilities by bringing on technology that will enable its customers to enforce least privilege principles across multi-cloud environments.
In addition, Zscaler says bringing on board an Israel-based firm will increase the company’s global footprint.
The deal is expected to close before Zscaler’s third fiscal quarter ends on April 30. It is also subject to the satisfaction of customary closing conditions, the company says.
The two parties did not release the financial details of the acquisition.