Rapid7 Earns CREST Certification for Penetration Testing Services

Boston, MA — May 19, 2016

Rapid7, Inc. (NASDAQ: RPD), a leading provider of security data and analytics solutions, has been awarded CREST membership, which recognizes the consistently high standard of service provided by Rapid7. Specifically, Rapid7 was approved for the delivery of penetration testing services, a cornerstone of the Rapid7 Global Services portfolio.

The Company’s penetration testing team performs rigorous assessments to demonstrate the security level of an organization’s key systems and infrastructure, including network, application, mobile, wireless, device, and social engineering assessments. The process identifies and clearly documents the risks posed to an organization from the perspective of a motivated and skilled attacker.

“Penetration testing is a critical component to any comprehensive IT security program, and Rapid7 is very proud of the work our team executes in this sector,” said Rob Attree, EMEA director of sales at Rapid7. “CREST’s commitment to ensuring that organizations adhere to quality processes, delivered by competent and knowledgeable staff is one we take seriously. We’re proud that they found our offering meets its challenging standards and excited by the opportunities the certification will bring.”

CREST works to provide organizations with confidence that they’re hiring qualified individuals with up-to-date knowledge, skills and competence of the latest vulnerabilities and techniques used by real attackers. CREST membership also indicates that penetration testers are supported by a company with appropriate policies, processes and procedures for conducting this type of work and for the protection of client information.

Rapid7 penetration testing teams are renowned experts who conducted more than 900 pen tests last year. They regularly conduct independent research to uncover new vulnerabilities and exploitation tactics. Their research has helped countless security professionals learn how to improve their security posture against the latest threats, and has been presented at conferences around the world.

In addition to penetration testing, the Rapid7 Global Service offering includes:

• Incident Response Services: Industry-leading experts help organizations investigate and respond to security incidents in an efficient and coordinated manner; improves security teams’ threat detection proficiency
• Program Assessment and Development Services: Helps organizations to build security programs that are relevant, actionable, and sustainable through threat–focused program assessment and development services
• Security Awareness Training: Curricula that combines learning theory and subject matter expertise to deliver an online course that is informative and compelling