Rapid7 penetrates Metaspolit

Vulnerability management firm Rapid7 has acquired Metasploit, the popular open source dual-use penetration testing and hacking tool. Commercial terms of the deal were not disclosed.

The deal means that the Metasploit project will receive commercial backing, so furthering its development. A non-commercial version of the tool will remain available, so the agreement is comparable with the relationship between open-source intrusion detection tool Snort and Sourcefire.

HD Moore, the founder of Metasploit, will join Rapid7 as the chief architect of Metasploit and chief security officer of Rapid7.

Rapid7 said it will use Metasploit's technology to enhance its NeXpose vulnerability management tool. The security firm pledged to supply vulnerability data from its NeXpose product to “expand the accuracy and reliability of the Metasploit Framework”, which will remain open source.

An FAQ on the deal can be found here. ®