Although Rapid7 is a commercial security risk intelligence firm, Matthews and his team remain committed to the idea of open source security software and, back in late August, announced plans to invest $100,000 in funding seven open source software projects – dubbed the Magnificent7 – in the year ahead.
According to Matthews, under the project – the review process for which continues apace – the firm is looking for open source projects that bring value to the infosecurity ecosystem by taking an innovative approach to addressing security challenges.
Chosen projects, he explained, will receive funding in three phases: an initial outlay, and then two further sums tied to the delivery of pre-agreed milestones.
The investment in the project comes after Rapid7 has had a very positive experience with the Metasploit open source project, which Rapid7 acquired – at the time of the acquisition, the project had 25,000 users, and now it has 125,000 users, Infosecurity notes.
In addition to supporting Metasploit, Rapid7 also has acquired – or financially supported – the w3af and the 'John the Ripper' project. Against this backdrop, the Magnificent7 investment is quite logical, Matthews told Infosecurity.
As a well-known open source supporter, Matthews says that Magnificent7 augments Rapid7's already deep community involvement. In 2009, Rapid7 acquired the Metasploit project, which created the most widely used and mature penetration testing solution on the market with more than one million unique downloads and the world's largest, public collection of quality-assured exploits.
In July 2010, the firm followed this by sponsoring and partnering with w3af – the open source web application attack and audit framework – to expand its collaboration with the open source community and further provide the industry with solutions for securing web and application infrastructures.
And in June of this year, Rapid7 announced its sponsorship of Openwall's 'John the Ripper' project, supporting the initiative in order to help complete the project's research.