Michael Feiertag
By Michael Feiertag
Posted On October 15, 2018

Rapid7 Acquires tCell

Application Security

Today we’re announcing the next step in tCell’s mission to secure the world’s web applications. We’re joining forces with Rapid7 to fundamentally change how teams approach application security.

Four years ago, Boris Chen and I started tCell with the goal to help teams transform their approach to security - to move from being an obstacle to rapid iteration toward becoming a tool that can actually accelerate innovation. We had seen firsthand how the adoption of cloud infrastructure and methodologies like DevOps and continuous integration and deployment had radically changed how web applications were developed, delivering mind-blowing gains in terms of how quickly teams could learn and react to their customers’ needs. We also saw that security teams struggled to work effectively in these new environments. Too often, teams were presented with a false choice of delivering new capabilities for their users or ensuring that their users are secure.

What’s more important, we saw that as teams moved more and more of their infrastructure into the cloud, the application layer became the principal method of attack. Whether it’s Fortune 500 enterprises, leading tech companies or smaller organizations, the most common way a company gets compromised in a big, “read about yourself in the New York Times,” kind of way is through an application-level attack. The reason for this is simple - web apps and API services are exposed to the outside world. Web apps are what hold your customer data, and as cloud services abstract away underlying infrastructure applications are the only component left to be targeted.

This is why we are so excited to join Rapid7. Within the Rapid7 team, we have found a common vision for how security can be a catalyst for innovation and together we recognize that application security will be central to making this a reality. But more importantly, we have seen how our combined technologies will provide a unique and simple path to achieving that shared vision.

Rapid7’s Insight Platform is built on the idea that security should be simple and effective. That sounds like an obvious statement, but it’s unique in the security world. It’s also critical to making security work in this new cloud environment. The biggest challenge to adopting security tools and practices is rarely budget; it’s limited time and availability of specialized skills. The unemployment rate for security engineers is negative and no company will be able to hire their way out of this problem. Rapid7’s platform is the key: it provides a simplified and integrated approach to addressing key security issues at all layers of a datacenter or cloud environment. Security teams need tools that really work, are practical to deploy, and whose deployment ultimately lowers workload by providing insight, automation and well thought out workflows.

In the coming months, we’ll start showing how adding tCell’s Next-Generation WAF and RASP technologies to the Rapid7 Insight Platform will change how security teams approach application security. We’ll show how combining protection, monitoring, testing, automation and analytics into a single, well-integrated platform will provide a practical, easily-deployed path to implementing effective application security for cloud environments.

In the meantime, we’ll be heads down continuing to support our wonderful customers, building new capabilities, and moving forward toward our new shared goals.

Read the full announcement here.