Re: Metasploit Rising

[David Maciejak <david.maciejak () gmail com>]

Congrats to the team, keep up the good work !

Regards,
david

On Wed, Oct 21, 2009 at 3:03 PM, HD Moore <hdm () metasploit com> wrote:
> I created the Metasploit Project over six years ago as way to publish
> security information to those who needed it most, the security
> professionals in the field. The project has evolved from a personal web
> site, to a collaborative effort with a small group of friends, and
> finally to the robust community-driven project that we know today. This
> progress came at the cost of the evenings, lunch hours, early mornings,
> and weekends of countless contributors who donate their time for the
> benefit of the community. The volunteer nature of the project has lead
> to innovation in niche areas and has driven research across a wide range
> of topics.
>
> During this time, Metasploit has always been a hobby; something I enjoy
> working on when my current job isn't monopolizing my free time. The
> project has always taken a back seat to the demands of day to day
> employment and this has created a bottleneck in terms of project growth.
> We now receive far more contributions, feature requests, and bug reports
> that the core team can keep up with in their free time. The project has
> come a long way, but nearly all patches, module submissions, and new
> features are still processed by only a few people. The time it takes for
> us to cut a release has increased as well; it has been almost a year
> since the last stable version of the Framework was released, with
> hundreds of new features  in the development tree, but no time to test
> them well enough to consider them ready for a stable release.
>
> All of this is changing. I am excited to announce that Metasploit has
> been acquired by Rapid7 and that myself and Egypt will be working on
> Metasploit as our full-time jobs. I will be taking on the role of Chief
> Security Officer of Rapid7 as well as Chief Architect of Metasploit.
> Egypt will join as our first core developer. In addition, we are hiring
> an exploit developer, user interface designer, and mostly importantly, a
> QA engineer, all dedicated to making the Metasploit Framework the best
> penetration testing product available. Rapid7 has committed to keeping
> the project open source, with no plans to change the license or the
> community development model. What will be changing is how fast we add
> new exploits, integrate new features, and release new versions. By
> backing Metasploit, Rapid7 will benefit from the extensive security
> research experience of the Metasploit team and use this to enhance its
> existing NeXpose product line.
>
> Rapid7 was the right company for Metasploit for a number of reasons.
> First and foremost, they understand the value of the community have seen
> the benefits that funding a project like Metasploit can provide since
> our first conversation. Second, the management team at Rapid7 is made up
> of some brilliant folks. They may not be exploit developers, but they
> understand business and how to make a marriage with Metasploit increase
> their own bottom line without destroying the value of project in the
> process. Third, Rapid7 has an amazing technical staff and a solid
> vulnerability management product. There are only a few companies in the
> world that understand how much work is involved in doing vulnerability
> assessments right, and this team has been doing it for over 9 years.
> Lastly, Rapid7 has an enormous QA lab, with the ability to perform
> regression testing across a massive array of operating systems and patch
> levels. The combination of their staff and technical resources will
> allow the Metasploit Framework to make a huge leap ahead in the coming
> months.
>
> To the members of the community who have been contributing their time
> and mindshare, thank you! The best way to show our dedication is by
> demonstrating that we mean what we say. In the next six months, we will
> hammering out Metasploit Framework releases that benefit from the
> dedicated resources provided by Rapid7 and illustrate exactly what we
> can do now that we can fully focus on the framework. If you have any
> questions or comments, you can email me at hdm[at]metasploit.com or join
> our IRC channel (#metasploit on irc.freenode.net). The Metasploit web
> site has been updated to include a FAQ about the acquisition, as well as
> links to the announcement on the Rapid7 web site as well.
>
> Sincerely,
>
> HD Moore
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework