Bain Pours $7M Into Rapid7’s Security Software

Watching the financial markets during a week like this one might make putting your money into “vulnerability management” technology sound pretty attractive.

At least that seems to be the thinking at a few local investment firms. Yesterday, we reported that Greylock Partners and Commonwealth Capital Ventures have provided $7.5 million in expansion capital for Waltham, MA-based Ounce Labs, which makes software that automatically scans the source code of enterprise applications for security flaws. And today, there’s word that Bain Capital Ventures of Boston has put $7 million into Rapid7, a Boston- and Los Angeles-based software company that makes a “unified vulnerability management” application called NeXpose.

According to Rapid7, NeXpose can scan a business’s entire IT infrastructure—from hardware like routers and wireless hubs to networks, workstations, operating systems, databases, third-party applications, and Web applications—for known security holes that might be exploited by hackers. When the software finds a problem, it can automatically apply patches or upgrades, then re-scan to make sure the hole has been plugged. It can also check whether a company’s systems are in compliance with government accounting and privacy regulations like Sarbanes-Oxley and HIPAA.

According to a company announcement, sales of NeXpose have doubled each year for the past four years—a sign of the corporate world’s growing anxiety about data breaches, which can lead not only to embarrassment but to costly legal settlements. Ben Nye, managing director at Bain’s venture wing, said in a statement that Rapid7 has the potential to “become the go-to technology provider for organizations seeking a superior security solution.”

Rapid7 said it will put the new capital into expanded global sales and marketing and into upgrading NeXpose to deal more effectively with vulnerabilities in Web applications, databases, and networks. At the same time, the company announced the appointments of two new executives: Mike Tuchen, former general manager of marketing for Microsoft’s SQL Server product, who has been named Rapid7’s president and COO, and Timothy O’Toole, a CPA with financial operations experience at BladeLogic and Mzinga, who joins as CFO. Rapid7 co-founder Alan Mathews remains as the company’s CEO and chairman.

Author: Wade Roush
