Press Release

Rapid7 and Coalfire Join Forces to Provide Powerful PCI-Approved Scanning Services

January 17, 2017

New partnership will leverage and combine organizations’ deep knowledge in vulnerability management and compliance to deliver streamlined solutions for meeting PCI standards


Boston, MA – January 18, 2017Rapid7, Inc. (NASDAQ: RPD), a leading provider of IT and security analytics solutions, announced that it has partnered with Coalfire, an industry-leading cyber risk management and compliance solution provider, to deliver its PCI Approved Scanning Vendor (ASV) offering. The companies have also announced that Coalfire has standardized its scanning solution on Nexpose, Rapid7’s vulnerability management solution. With Nexpose as the underlying scanning engine behind CoalfireOne℠, customers will benefit from the combined power of top-rated vulnerability management and compliance expertise to more effectively meet the needs of their organizations.  

Through the partnership, Rapid7 ASV customers will have access to the CoalfireOne portal to run and manage their ASV scans and obtain PCI attestation reports. The streamlined interface significantly reduces manual processes and simplifies tasks, such as submitting evidence for exceptions. The PCI Security Standards Council (SSC), which promotes standards for the safety of cardholder data globally, issues ASV status to organizations that provide security services and tools used to conduct external vulnerability scanning to validate adherence with the external scanning requirements of PCI DSS Requirement 11.2.2.

“We strongly believe that building meaningful partnerships with industry-leading organizations is one of the most effective ways to help our customers better secure their environments and mitigate risk,” said David Etue, vice president of managed services at Rapid7.  “Pairing Rapid7’s leading vulnerability management technology with Coalfire’s demonstrated ability to help customers manage and document compliance, especially as the PCI compliance landscape continues to shift, is a recipe for customer success.

Rapid7 will continue to focus on delivering innovative PCI scanning capabilities to support its ASV partners and will maintain its status as PCI ASV certified. Current Rapid7 PCI ASV customers will be contacted to schedule their transition to the CoalfireOne-delivered service. Nexpose monitors exposures in real time and adapts to new threats with fresh data, ensuring customers can always act at the moment of impact. Nexpose real-time monitoring is supported by Rapid7’s research, threat intelligence, and the Metasploit community, ensuring comprehensive coverage for today’s evolving threat landscape.

“In order to effectively minimize the impact on brand trust and reputation, speed is a critical capability when helping businesses to identify cyber threats,” said Dirk Anderson, vice president, enterprise risk & compliance, for Coalfire. “Our long-standing and continued relationship with Rapid7 as the underlying engine to the CoalfireOne platform has helped our customers maintain the integrity of critical systems in the ongoing effort to preserve and grow their brand in the face of increasing cyber threats.”

For more information about Rapid7 compliance and requirements: 

For more information about Rapid7 Nexpose:

About Coalfire

Coalfire is the trusted leader in cybersecurity risk management and compliance services. Coalfire integrates advisory and technical assessments and recommendations to the corporate directors, executives, boards, and IT organizations for global brands and organizations in the technology, cloud, healthcare, retail, payments, government and financial industries. Coalfire’s approach addresses each businesses’ specific vulnerability challenges, developing a long-term strategy to prevent security breaches and data theft. Coalfire has offices throughout the United States and Europe

About Rapid7

With Rapid7, technology professionals gain the clarity, command, and confidence to safely drive innovation and protect against risk. We make it simple to collect operational data across systems, eliminating blind spots and unlocking the information required to securely develop, operate, and manage today’s sophisticated applications and services. Our analytics and science transform your data into key insights so you can quickly predict, deter, detect, and remediate attacks and obstacles to productivity. Armed with Rapid7, technology professionals finally gain the insights needed to safely move their business forward. Rapid7 is trusted by more than 5,800 organizations across over 110 countries, including 37% of the Fortune 1000. To learn more about Rapid7 or get involved in our threat research, visit


Press contacts:
Adam Cormier
Racepoint Global
(617) 624-3218

Rachel E. Adam
Rapid7, Senior PR Manager
(857) 415-4443