Rapid7 Acquires Security Orchestration and Automation Company, Komand

  • Company to add Boston-based Komand to Rapid7 Insight platform to increase effectiveness of lean security and IT teams with simplified workflow solutions
  • Rapid7 marries security and IT analytics with business context, and now will offer the ability to automate responses and investigations

Boston, MA — July 18, 2017

Rapid7, Inc. (NASDAQ: RPD), a leading provider of analytics solutions for security and IT operations, has acquired Komand, a security orchestration and automation company, to help its customers reduce time to resolution, maximize resources, and overcome ecosystem complexity. This acquisition enables Rapid7 to address the critical need for orchestration and automation to fill resource gaps that cannot be met by humans alone. Rapid7 is the first organization to unite IT and security analytics and business context with the ability to automate action.

“We are incredibly excited to welcome the Komand team to Rapid7. The need for well-designed security and IT automation solutions is acute; resources are scarce, environments are becoming more complex, all while threats are increasing,” said Corey Thomas, president and CEO of Rapid7. “Security and IT solutions must evolve through context-driven automation, allowing cybersecurity and IT professionals to focus on more strategic activities.”

Rapid7 software solutions have been recognized as offering the most comprehensive data collection and advanced analytics to help IT and security teams manage risk, respond to attacks, and effectively monitor operations. Komand’s orchestration and automation technology will expand Rapid7’s Insight platform’s ability to empower lean security and IT teams to meaningfully increase productivity across their entire operation and reduce the time it takes to respond to an incident. Customers will have the ability to automatically identify risks, respond to incidents, and address issues significantly faster and with less human intervention.

“When we defined the Komand mission, there was one goal to which we repeatedly returned as inspiration: help under-resourced security and IT teams better leverage what they have at their disposal,” said Jen Andre, founder and CEO of Komand. “Rapid7 has demonstrated that they share this vision, made evident by their commitment to the security and IT communities, the genesis and execution of the Insight platform, and the company focus on building solutions that simplify complex processes.” 

The Insight platform with enhanced automation and orchestration

Today, the Rapid7 Insight platform processes more than 56 billion events and monitors millions of assets daily. Through the acquisition of Komand, Rapid7 will be positioned to expand the power of its Insight platform to orchestrate and automate across the security and IT operations ecosystems. A sample of use cases includes automated risk remediation and patching, malware investigation and containment, and chat ops for responding to routine inquiries. Today, the Komand user community and extensible framework, with easy workflow generation leveraging over 150 plugins, is built and designed to foster adoption and usage across companies of all sizes and levels of IT and security maturity.

“We’ve been impressed by the technology developed by the Komand team and believe that together, we’ll be able to build solutions that make security and IT teams significantly more productive,” said Lee Weiner, chief product officer at Rapid7. “The complexity of today’s security and IT ecosystems have put security and IT operations teams at a significant disadvantage when they need to respond quickly. By developing contextualized automation technology, we’ll be able to cut back the time it takes to respond to an incident—when minutes can mean the difference between a minor issue and significant compromise or loss.”

The acquisition of Komand is not expected to have a material financial impact to Rapid7’s calculated billings, revenue, and non-GAAP earnings (loss) per share for calendar year 2017, as guided on May 9, 2017.

Inducement Grants under NASDAQ Listing Rule 5635(c)(4)

In order to induce Komand’ employees to join and to retain and incentivize them going forward, Rapid7 has granted restricted stock unit awards for 270,000 shares of its common stock to 12 individuals who became employees of Rapid7. These awards were approved by the compensation committee of its board of directors, and were issued on July 12, 2017 under and pursuant to the terms of Rapid7’s 2015 Equity Incentive Plan, as amended (the “Plan”) and in accordance with NASDAQ Listing Rule 5635(c)(4).
Each inducement award will vest over four years, with 25% of the original number of shares underlying such award vesting on July 15, 2018 and 6.25% of the original number of shares underlying each such award vesting on each quarterly anniversary thereafter, subject, in each case, to continued service with Rapid7 on each applicable vesting date. In addition, these awards are subject to possible accelerated vesting under certain circumstances. The inducement awards were made under a separate share reserve under the Plan designated for awards to be made to new employees of Rapid7 as an inducement material to such persons entering into employment with Rapid7 that was not approved by Rapid7’s stockholders and are intended to be granted pursuant to and in accordance with Nasdaq Listing Rule 5635(c)(4).

About Komand

Komand is a security orchestration and automation platform that gives security teams the power to quickly automate and streamline security operations, with no need for code. Teams can integrate their tools, build automated workflows, and utilize human decision points to accelerate incident response and move security initiatives forward, faster. Komand was founded by Jen Andre, an industry veteran who formerly co-founded Threat Stack, with a team that boasts a cybersecurity pedigree from FireEye Mandiant, Symantec, IBM, CounterTack, MITRE, Carbon Black, Recorded Futures, and OpenNSM.

About Rapid7

Rapid7 (NASDAQ:RPD) is trusted by IT and security professionals around the world to manage risk, simplify modern IT complexity, and drive innovation. Rapid7 analytics transform today’s vast amounts of security and IT data into the answers needed to securely develop and operate sophisticated IT networks and applications. Rapid7 research, technology, and services drive vulnerability management, penetration testing, application security, incident detection and response, and log management for more than 6,300 organizations across more than 120 countries, including 39% of the Fortune 1000. To learn more about Rapid7 or join our threat research, visit www.rapid7.com

Cautionary Language Concerning Forward-Looking Statements

This press release includes forward-looking statements. All statements contained in this press release other than statements of historical facts, including, without limitation, statements regarding the expected benefits of the acquisition of Komand and the solutions that Rapid7 will develop with the Komand technology, including contextualized automation technology, and the expected benefits of such solutions and Rapid7’s expectation regarding the impact of the Komand transaction on Rapid7’s calculated billings, revenue, and non-GAAP earnings (loss) per share for calendar year 2017 are forward-looking statements. The words “anticipate,” “believe,” “continue,” “estimate,” “expect,” “intend,” “may,” “will” and similar expressions are intended to identify forward-looking statements. We have based these forward-looking statements largely on our current expectations and projections about future events and financial trends that we believe may affect our financial condition, results of operations, business strategy, short-term and long-term business operations and objectives and financial needs. These forward-looking statements are subject to a number of risks and uncertainties, including, without limitation, our ability to innovate and offer products and professional services that address the dynamic threat landscape, our ability to innovate and manage our growth, our ability to integrate acquired operations, as well as other risks and uncertainties set forth in the “Risk Factors” section of our Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission for the period ended March 31, 2017 filed with the Securities and Exchange Commission on May 10, 2017, and subsequent reports that we file with the Securities and Exchange Commission. Moreover, we operate in a very competitive and rapidly changing environment. New risks emerge from time to time. It is not possible for our management to predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties and assumptions, we cannot guarantee future results, levels of activity, performance, achievements or events and circumstances reflected in the forward-looking statements will occur. We are under no duty to update any of these forward-looking statements after the date of this press release to conform these statements to actual results or revised expectations, except as required by law. You should, therefore, not rely on these forward-looking statements as representing our views as of any date subsequent to the date of this press release.

Press Contact

Rachel E. Adam

Senior PR Manager



Investor Contact

Jeff Bray

Vice President, Investor Relations