Rapid7, the leading provider of security risk intelligence solutions, today announced that it will be sponsoring open source projects Androguard and Cuckoo Sandbox throughout the year. This is the first stage in the Magnificent7 Program, an initiative created to fuel the success of seven bleeding edge open source projects and backed by a fund of $100,000. Participants can benefit from both financial support and access to technical, business and marketing expertise and mentors.
Androguard and Cuckoo Sandbox's vision and active community of contributors and users set them apart from the other entrants. The projects were selected for the first round of Magnificent7 sponsorships due to their innovative approach to traditional and mobile-based malware analysis. According to the recent Verizon Breach Report1, malware was involved in 69% of breaches in 2011, making its mitigation a huge priority for security professionals.
"The open source community plays a vital role in the creation of innovative solutions to address the increasingly complex security challenge we all face," said HD Moore, chief security officer of Rapid7 and chief architect of the Metasploit open source project. "Projects like Androguard and Cuckoo Sandbox are using cutting edge technologies to solve once unsolvable problems. With the backing of Rapid7, they will now have the financial, marketing and technical resources available to continue to deliver solutions that address real, critical problems."
The open source projects being supported in the first round of Rapid7's Magnificent7 program are:
Androguard, the work of Anthony Desnos and Geoffroy Gueguen, is an advanced tool for the analysis of mobile malware that attacks Android platforms or as Desnos likes to describe it, "a native decompiler of Android applications." Androguard employs a specialized static environment for analysis via the Google Summer of Code-sponsored DroidBox, for which Desnos was a mentor. With the help of the Magnificent7 Program, the Androguard team plans to solidify the reverse engineering sessions, including the integration and amelioration of DroidBox, as well as supporting ARM libraries for analysis. In addition, they aim to create a Graphical User Interface to enhance the user experience.
"Mobile malware is a rapidly growing problem and we're developing Androguard to help defend the most attacked mobile operating system by pulling, analyzing and mitigating Android malware,' said Anthony Desnos, core developer of Androguard. "Working with Rapid7 not only gives us the financial support we need to meet our next round of key developments, it also gives us access to great technical resources to help us develop our vision and strategy for the product."
Cuckoo Sandbox is an application that provides a virtual sandbox for the automatic analysis of malware specimens. Originally developed by Claudio Guarnieri for the Google Summer of Code, the project became so popular it is now a mainstay of the Honeynet Project, a leading international research institution with a special focus on malware. The platform allows for the automatic capture and advanced analysis of dangerous strains of malware in a contained environment. Working with Rapid7 will enable Cuckoo Sandbox to increase its ability to adapt to the user's needs through configurable modules, as well as extending the virtualization capabilities, which include self-protection from the malware specimens.
"The vision of Cuckoo Sandbox is to provide an open source and customizable means of analyzing malware in a safe environment," said Claudio Guarnieri, creator of Cuckoo Sandbox. "Giving the masses an opportunity to dive deep into what kinds of malware are attacking their systems will raise the bar on network security. The Magnificent7 Program will help us develop our marketing and awareness strategies to reach a broader audience and create a more iterative feedback program with our customers. This will help us build the functionality on the technical side to truly address our customers' needs."
1 2012 Data Breach Investigations Report
Rapid7 security analytics software and services reduce threat exposure and detect compromise for 3,000 organizations across 78 countries, including over 250 of the Fortune 1000. We understand the attacker better than anyone and build that insight into our solutions to improve risk management and stop threats faster. We offer advanced capabilities for vulnerability management, penetration testing, controls assessment, incident detection and investigation across your assets and users for virtual, mobile, private and public cloud networks. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.