Rapid7 Reports Phenomenal Third Quarter with Growth in Sales, Employees and OEM Partnership

BOSTON – November 7, 2007 – Rapid7, the leading provider of Unified Vulnerability Management (UVM) solutions for large enterprise deployments and small to medium businesses, today announced a 100% revenue increase over last quarter; a result of signing new big name customers and an OEM agreement with a major security provider. In addition to the phenomenal growth, Rapid7 formed new partnerships and strengthened several departments with new employees and seasoned executives.

A leading network antivirus and Internet content security software and services provider has signed an OEM partner agreement with Rapid7. NeXpose will be used for internal network security assessment. In addition to enterprise wide internal use, NeXpose will be an integral part of their Vulnerability Management offering. This $600 million security company plans to market and sell this service to their large customer base in the fields of education, finance, government, healthcare, technology and telecommunications.

With the addition of new customers New York Cyber Security, and Carnegie Mellon the home of CERT and the OEM partnership with a large security vendor, Rapid7’s NeXpose is the number one choice of security experts. In addition to adding top security experts, Rapid7 signed multibillion dollar companies including the largest energy provider on the west coast and Jefferies & Company Inc., a global investment banking and brokerage firm. Also in Q3, Rapid7 welcomed retail giants Liz Claiborne, Black & Decker, and Life Is Good to their list of new clients.

Along with the increase in licensing, Rapid7’s Professional Services Department experienced phenomenal growth. Rapid7’s Professional Services team offers a multitude of security services, most notably PCI Compliance testing. Consumer credit card data protection and privacy is an issue of increasing importance and concern; exhibited in the month of August, when service sales doubled those in the previous month. “We sought out Rapid7 because we take PCI Compliance very seriously,” says Dean Ross, Vice President of Information Technology at new customer Hair Club for Men. “Protecting customers’ information is part of giving the best service possible.” In response to the increase in activity, professional services has expanded the team by bringing in new security consultants and increasing the number of CISSPs.

During Q3, Rapid7 expanded and improved its development team by appointing Chris Moore as the new Vice President of Engineering. The former Head of Risk Management Development for Foundstone and McAfee brings with him 22 years of product development and management skills. Under his leadership, Rapid7’s development team is working towards product enhancements that will add to Rapid7’s network security leadership.

“This has been an outstanding quarter; and I believe it is a testament to both to the quality of our product and Rapid7’s substantial position in the market space” Says Rapid7 CEO Alan Matthews. “We are excited about our growth and expect it to be followed with even more impressive sales next quarter.”

About NeXpose

Rapid7 NeXpose is the broadest and deepest vulnerability management system on the market, providing comprehensive, high performance coverage of networks, databases, operating systems, and Web applications. Only NeXpose provides browser-based Web application vulnerability scanning of Web 2.0 applications and secures the complete Web application - from browser to server. NeXpose detects more vulnerabilities than traditional Web scanners by using Web Application Pass-Through Scanning, a unique capability for exploring how one vulnerability can lead to another.

NeXpose delivers extensive reports assessing risks and proposing streamlined remediation plans to optimize security and compliance with governmental regulations and corporate security policies. Rapid7 is an Approved Scanning Vendor (ASV) by the Payment Card Industry (PCI) Security Standards Council, certifying NeXpose to support retail operations in achieving PCI compliance.

About Rapid7

Rapid7 is a leader in vulnerability management and compliance, delivering a single unified solution across an organization’s entire infrastructure.  Rapid7 NeXpose helps security professionals to reduce their attack surface by providing actionable insights into the real threats from vulnerabilities across their entire IT infrastructure.  Rapid7 NeXpose is the only solution that provides in-depth coverage of vital Web and database systems in addition to networked devices, servers, and operating systems. The NeXpose A.I. and Reporting Engines synthesize large quantities of raw data to provide direct insight into the vulnerabilities that represent the most risk to the business.  From this insight the product delivers a set of prioritized remediation recommendations that help security professionals get protection fast. Organizations, including Black & Decker, Trader Joe’s, Florida State University, the New York Times, and the City of Philadelphia, continually rely on Rapid7 products and services to mitigate risk and remain compliant.