By Milana Vinn
NEW YORK (Reuters) – Rapid7, a cybersecurity firm with a market value of $2.4 billion, is exploring options with its investment bankers after attracting acquisition interest from buyout firms, according to people familiar with the matter.
The Boston-based company, which is being advised by Goldman Sachs and JPMorgan, is in early talks with private-equity firms including Advent, Bain Capital and EQT, and is exploring a potential sale, the sources said, requesting anonymity as the discussions are confidential.
The discussions may not lead to a deal and Rapid7 could opt to stay independent, the sources added.
This is not the first time Rapid7 has attracted acquisition interest. Last year, the company explored its options after fielding interest from potential suitors, Reuters reported, before the talks fizzled out.
Rapid7, Advent, Bain, EQT and JPMorgan declined to comment. Goldman Sachs did not immediately respond to Reuters requests for comment.
Rapid7 faces pressure from activist investor Jana Partners, which has built a 5.8% stake in the company and urged it to explore a sale.
Rapid7 specializes in so-called vulnerability management, providing software tools and services that help businesses assess and monitor security risks.
The company’s shares are down about 32% this year, underperforming the S&P 500 systems software index, which has risen more than 17%.
Rapid7 competes in the vulnerability management market against larger rivals such as Tenable, which has also been exploring a sale, and Qualys.
Private-equity firms have been prolific investors in the cybersecurity sector in recent years. In November 2021, an investor consortium led by Advent International acquired McAfee Corp for $14 billion. In 2022, Vista Equity took cybersecurity firm KnowBe4 private in a deal worth $4.6 billion.
Last year, Rapid7 hired Peiter Zatko, a former hacker who served as head of security at social-media platform X until his firing in January 2022, as a part-time consultant. X owner Elon Musk seized on Zatko’s claims about X’s security flaws and lack of control over spambots in his unsuccessful bid to pull out of his $44-billion acquisition of the platform in 2022.
(Reporting by Milana Vinn in New York; editing by Anirban Sen and Rod Nickel)
Comments