Rapid7 Boosts Web Application Security With NT OBJECTives Buy

With the acquisition of NT OBJECTives, Rapid7 expands its Web application scanning and security capabilities.


Security vendor Rapid7 announced today that it has acquired privately held NT OBJECTives (NTO). With the acquisition, Rapid7 seeks to further expand its Web application security capabilities.

While Rapid7 made the formal acquisition announcement today, Lee Weiner, senior vice president of engineering and products at Rapid7, said the deal officially closed on April 30. Financial terms of the deal are not being publicly disclosed at this time.

"The entire NTO team is joining Rapid7 immediately—there is a lot of strong synergy across our teams," Weiner told eWEEK. "The entire NTO team brings a lot of experience and skill to the table, the type of industry knowledge you can't overvalue."

Rapid7 is well-known in the security industry for its Metasploit penetration testing and Nexpose vulnerability management applications. In December 2014, Rapid7 raised $30 million in a Series D round of funding, bringing total funding to date for the company to $91 million.

NTO's core product is the NTO Spider application security scanner. NTO Spider is being rebranded as Rapid7 AppSpider Pro, and it will be on this product where the current NTO team will focus their efforts. Dan Kuykendall, co-CEO and CTO at NTO, will lead the charge on AppSpider as senior director of application security products at Rapid7.

"The name has changed, but the technology is the same," Kuykendall told eWEEK. "We plan to continue developing and innovating, as we have been for the last decade, while working on integration points with the other products in the Rapid7 suite."

The NTO Spider platform also includes NTOEnterprise, which is being rebranded by Rapid7 as AppSpider Enterprise. NTOEnterprise provides organizations with the ability to manage application scanning and testing across thousands of applications.

All of NTO's products have been merged into the Rapid7 product plans, according to Kuykendall. For example, the functionality of NTODefend, which enables organizations to build Web Application Firewall (WAF) rules to block vulnerabilities, will be integrated and included with Appsider Pro and Enterprise, he said.

NTO also backed an open-source project called Hackazon for Web application testing, which Kuykendall said may at some point get a name change as well. Rapid7 is no stranger to open source, with Metasploit being just one example of an open-source effort the company supports.

"Hackazon will continue to be open-source and will join the growing list of open-source products that Rapid7 supports," Weiner said. "We are looking forward to joining their GitHub community and connecting with their other amazing projects and developers."

With the addition of the AppSpider platform, Weiner expects Rapid7 customers to get more capabilities to enhance existing Web security efforts. Rapid7's existing Web application scanning capabilities that are included in Nexpose are sufficient for helping customers assess basic compliance needs across Web applications, he said.

"As more companies move to cloud and mobile environments, and as Web applications continue to evolve, we wanted to ensure we had a more complete and sophisticated solution to meet the needs of enterprises with broad exposure to Web and mobile application risk," Weiner said. "NTO has been singularly focused on this type of risk, and we are very happy to incorporate that deep thinking and problem solving skill set into Rapid7."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.