Metasploit maker Rapid7 gobbles web app security testing firm

Firm hopes you'll squirt some of its sealant gunge into leaky apps

4 Reg comments Got Tips?

Metasploit firm Rapid7 has snapped up web and mobile application security testing company NT OBJECTives (NTO). Financial terms of the deal, announced Monday, were undisclosed.

Rapid7 has folded NTO’s application security testing product, renamed as Rapid7 AppSpider, into its security data and analytics platform to give customers a better handle on web application security risk. The acquired technology -  delivered either via software or in the cloud - bundles automated attack simulation and scanning, among other features.

AppSpider is also capable automatically generating Web Application Firewall (WAF) custom rules that help to protect vulnerable applications while the vulnerabilities are being remediated. The technology integrates with WAFs from F5, Sourcefire, and Imperva.

Web application attacks remain one of the most frequent incident patterns in confirmed breaches, accounting for up to 35 per cent of breaches in some industries, according to the latest edition of Verizon's Data Breach Investigations Report. Flaws in custom web applications in enterprises are a significant factor in many of these breaches, a factor Rapid7 hopes will drive interest in its newly bought technology. ®


Biting the hand that feeds IT © 1998–2020