NTO's product has been renamed to Rapid7 AppSpider

May 5, 2015 16:58 GMT  ·  By

Rapid7 takes another step towards expanding its security offer by purchasing privately-owned NT OBJECTives (NTO), developer of NTOSpider, a vulnerability assessment tool for mobile, web and cloud applications.

The products in NTO’s portfolio have attracted the attention of Fortune 500 companies, as they provide an approach for detecting security flaws in all modern technologies that can be customized for the needs of each organization.

Web app attacks account for a significant number of breaches

The first move following the acquisition was to rename NTO’s solution to Rapid7 AppSpider, which continues to be available to customers, preserving the previous features for identifying vulnerabilities and monitoring applications for changes.

According to the latest data breach investigations report from Verizon, web apps are a prevalent attack vector in the case of successful breaches, accounting for 35% of incident patterns.

“To truly manage and reduce threats, organizations require solutions that collect and analyze data across modern business infrastructure, including users, mobile assets, cloud data stores, and web applications,” says Corey Thomas, president and CEO at Rapid7.

He added that NTO's web application scanning technology will be an important component in Rapid7’s IT Security Data and Analytics platform, offering organizations a way to meet such a challenge.

More efficient solutions are expected

Dan Kuykendall, co-CEO and CTO at NTO, says the new environment provides the possibility to develop innovative solutions that can help companies stay ahead of web-based attacks.

Rapid7’s portfolio includes software and services for reducing the risk of a breach, as well as for investigating cyber-attacks.

The solutions available from the company include real-time data collection, correlation of information from previous events, and analysis of the techniques used by the attacker.

To consumers, the company is better known for its Metasploit product used for penetration testing purposes.

The acquisition was completed on April 30 and the financial details of the deal have not been disclosed by either party.