Rapid7 Launches Security Automation Tools to Take On IBM, FireEye

[Updated 9/20/18, 1:04 pm. See below.] Cybersecurity software firm Rapid7 is rolling out new and updated products geared toward helping customers automate more of their security processes and tie together the patchwork of defense mechanisms many of them have purchased from various vendors.

The announcement fits into two big trends in security of the past few years: increasing investments in automation tools and strategies to relieve the burden on security and IT teams, amid mounting cyber threats and a shortage of skilled workers; and attempts to unify security products and services, as businesses and organizations increase their security budgets but face a dizzying number of options in the market.

“Companies are deploying [security] technology faster than they can maintain it,” argues Rapid7 chief product officer Lee Weiner (pictured above). “Companies have sometimes up to 75 different tools and technologies to manage their threats and attacks. And they don’t work together. They’re siloed.”

The new offerings from Rapid7 (NASDAQ: RPD) build off of the Boston-based company’s acquisition last year of local startup Komand. Founded and led by Threat Stack co-founder Jen Andre, Komand developed software intended to handle monotonous tasks for security teams and seamlessly connect their various tools with a library of software plug-ins offered by the startup. The idea was to make security teams more efficient so they can focus on quickly and effectively responding to cyber threats, while also freeing them up to spend more time on strategy and other big-picture activities.

The acquisition wasn’t a particularly big one. Rapid7 paid $14.8 million in cash, plus it offered potential payments of up to $5 million for hitting certain milestones and it doled out 295,600 shares of restricted Rapid7 stock, worth an aggregate of $5.3 million, to certain Komand employees, according to a document filed this year with the SEC and a company statement e-mailed to Xconomy. But the deal was notable in part because it marked Rapid7’s entrance into the crowded “security orchestration and automation” market. (More on this in a minute.) [Updated with value of stock options.—Eds.]

Today, Rapid7 said it will soon add “InsightConnect” to its set of products and services, which is basically an enhanced version of Komand’s core product that is being hooked up to Rapid7’s cloud-based platform, Weiner says. (Komand’s product has primarily run on servers located at customers’ facilities, he adds.) He says some of the key changes to Komand’s product include making it easier to set up and use, and adding more plug-ins to link the software with customers’ other security and IT technologies.

For now, Rapid7 isn’t phasing out the Komand product or brand name, and it will continue to support Komand’s customers, Weiner says. “Some of those customers might decide they want to use InsightConnect instead,” he adds.

Rapid7 also announced it is integrating more automation capabilities into two of its existing products, focused on vulnerability management and incident detection and response.

The new product and boosted capabilities continue 18-year-old Rapid7’s attempts to transform itself in recent years, expanding beyond its bread and butter software that helps organizations find security flaws in their IT infrastructure and check whether they’ve been corrected (a field known as penetration testing). Rapid7 has invested in data analytics, attack detection and response, automation, and services to help large enterprises manage their security programs.

The moves seem to be paying off. Rapid7 generated $200.9 million in revenue in 2017, up from $157.4 million in 2016 and $60 million in 2013. The company is not profitable, but its $45.4 million net loss last year was smaller than the $49 million net loss the previous year.

Rapid7 has pleased Wall Street—its stock price has doubled over the past year to more than $35 per share, and it’s currently valued at nearly $1.7 billion.

Still, it’s unclear whether Rapid7’s bets on automation and security orchestration will pay off. Plenty of companies are peddling such tools these days, including Milpitas, CA-based FireEye (NASDAQ: FEYE); New York-based Siemplify; Cupertino, CA-based Demisto; IBM (NYSE: IBM), which acquired Boston-area firm Resilient Systems in 2016; and Microsoft (NASDAQ: MSFT), which bought Boston-based Hexadite last year. It remains to be seen whether Rapid7’s products in this area have what it takes to beat the others.

Weiner says Rapid7 tries to differentiate itself by designing its security products so they’re relatively easy to manage, whether the customer has a handful of security employees or an army of them. Rapid7’s platform also handles a lot of the work of collecting data from across a customer’s IT systems, from personal computers to remotely located servers.

“Five to 10 years ago, the onus on collecting that data was always put on the customer,” Weiner says. “We spend a lot of time on making it easy for the data to get in for analysis. From there, the context that the system has for [security] visibility, analytics, and automation is so much better.”

Trending on Xconomy