ArcSight and Rapid7 Help Customers Maximize Their Intelligence on Risk in Their IT Environment
ArcSight and Rapid7 Collaborate to Protect Customers' Information Assets by Greatly Minimizing System Penetration and Centrally Managing Information Risk
Boston, MA and Cupertino, CA - May 31, 2006 - Rapid7 LLC, provider of enterprise vulnerability and risk management, and ArcSight, Inc., a global leader in Enterprise Security Management (ESM) software, today announced the interoperability of Rapid7's NeXpose with the ArcSight ESM solution. This interoperability will enable customers to enhance detection and minimize penetration of vulnerable systems in their networks. The joint Rapid7 and ArcSight solution will help customers precisely pinpoint the risk level of certain vulnerabilities in their IT environments, correlate this information for real-time monitoring to reduce false positives, and diminish downtime while increasing productivity. The solution will also allow customers to respond to security threats and improve overall compliance with key government regulations, including privacy laws and Sarbanes-Oxley.
The new ArcSight SmartConnector for Rapid7's NeXpose collects exported reports from the NeXpose vulnerability scanner and correlates the results in ArcSight ESM with data from other security events, such as those logged in firewalls and intrusion prevention/detection systems. ArcSight then uses the vulnerability scan information to determine whether an impending threat is relevant to the targeted assets and if so, whether those assets are in fact vulnerable to the attack. By combining that information with asset criticality, the ArcSight SmartConnector can help raise or lower the priority of security events that would otherwise lack asset or vulnerability context. This approach dramatically reduces the number of false positives and false negatives and eliminates the significant cycles of manual threat prioritization. Working jointly, ArcSight and Rapid7 can provide customers with an advanced risk analysis of all perimeter, compliance and insider threats in the enterprise.
"The Rapid7/ArcSight solution allows our security engineers to save time looking at each security event and to eliminate false positive alerts," said David Rippel, project manager for the Internet and security team at Hillsborough County, Florida. "Rapid7's NeXpose delivers highly reliable vulnerability scan data, which is leveraged by ArcSight's real-time correlation to incorporate relevance, susceptibility, and criticality in accurately prioritizing events and providing a strong risk-based prioritization model."
A 2005 CSI/FBI Computer Crime and Security Survey reported that the average losses associated with criminal acts perpetrated through vulnerable systems have risen dramatically: respondents' average loss due to unauthorized information access increased from $51,545 in 2004 to $303,234 in 2005, and their average loss due to theft of proprietary information increased from $168,529 in 2004 to $355,552 in 2005.
"Our joint solution with Rapid7 allows our customers to better assess the security of their business-critical systems through enhanced detection and prevention of vulnerabilities, while reducing the number of false positives. The interoperability between NeXpose and ArcSight allows threats targeting critical but vulnerable assets to be remediated in a timely manner while also complying with governmental regulations," said Vijay Iyer, VP of Business Development at ArcSight.
"This interoperability was developed to respond to the needs of Hillsborough County's (FL) Internet and Security Team," said Alan Matthews, president of Rapid7 LLC. "By enabling our technologies to interoperate, we are delivering a powerful solution for enterprises that want to maximize security threat management and protection of their critical assets."
About ArcSight
ArcSight, a leader in Enterprise Security Management (ESM), provides real-time threat management and compliance reporting yielding actionable insights into security data. By comprehensively collecting, analyzing and managing security data, ArcSight ESM enables enterprises, government organizations and managed security service providers to centrally manage information risk more efficiently. ArcSight's customer base includes leading global companies across many verticals -- and more than 20 U.S. federal agencies.
For more information about ArcSight, please visit www.arcsight.com.
About NeXpose
Rapid7 NeXpose is the broadest and deepest vulnerability management system on the market, providing comprehensive, high performance coverage of networks, databases, operating systems, and Web applications. Only NeXpose provides browser-based Web application vulnerability scanning of Web 2.0 applications and secures the complete Web application - from browser to server. NeXpose detects more vulnerabilities than traditional Web scanners by using Web Application Pass-Through Scanning, a unique capability for exploring how one vulnerability can lead to another.
NeXpose delivers extensive reports assessing risks and proposing streamlined remediation plans to optimize security and compliance with governmental regulations and corporate security policies. Rapid7 is an Approved Scanning Vendor (ASV) by the Payment Card Industry (PCI) Security Standards Council, certifying NeXpose to support retail operations in achieving PCI compliance.
About Rapid7
Rapid7 is a leader in vulnerability management and compliance, delivering a single unified solution across an organization’s entire infrastructure. Rapid7 NeXpose helps security professionals to reduce their attack surface by providing actionable insights into the real threats from vulnerabilities across their entire IT infrastructure. Rapid7 NeXpose is the only solution that provides in-depth coverage of vital Web and database systems in addition to networked devices, servers, and operating systems. The NeXpose A.I. and Reporting Engines synthesize large quantities of raw data to provide direct insight into the vulnerabilities that represent the most risk to the business. From this insight the product delivers a set of prioritized remediation recommendations that help security professionals get protection fast. Organizations, including Black & Decker, Trader Joe’s, Florida State University, the New York Times, and the City of Philadelphia, continually rely on Rapid7 products and services to mitigate risk and remain compliant.
