Rapid7 Inc., a publicly traded provider of vulnerability detection and remediation software, is reportedly exploring a sale.

Reuters reported the development on Wednesday, citing people familiar with the matter. Rapid7 is said to have received takeover interest from multiple potential buyers including private equity firms. Over the past few quarters, private equity firms have acquired several other major cybersecurity companies in deals collectively worth over $12 billion.

Reuters’ sources cautioned that Rapid7’s discussions with prospective buyers are in an early stage and may not lead to a deal. Nevertheless, shares of the company jumped more than 20% on the report. 

Boston-based Rapid7 sells software that organizations use to detect and fix vulnerabilities in their technology infrastructure. It went public on the Nasdaq stock exchange in 2015 after previously raising $89 million from investors. The company has more than 10,700 customers worldwide, including Autodesk Inc., Qlik Technologies Inc. and other major enterprise technology providers.

Rapid7’s product portfolio includes a platform called InsightAppSec that launches simulated hacking attempts against applications to detect vulnerabilities. According to the company, the platform can detect dozens of common application vulnerabilities. It also sells a tool for detecting insecure configuration settings in public cloud environments and Kubernetes clusters.

Alongside the vulnerability detection segment, Rapid7 has a presence in several other parts of the cybersecurity market. It provides a threat intelligence service that provides companies with data about hacker activity. It also offers a SIEM, or security information and event management, platform that enables administrators to centrally monitor multiple types of technology systems for breach indicators.

Rapid7 generated revenues of $176 million in the third quarter, a 26% increase from the same time a year earlier. The company’s customer base grew 9% year-over-year, while annualized recurring revenue per customer jumped 14%. It also achieved an adjusted profit of $13 million during the quarter.

In November, the company projected that it would end the last three months of 2022 with quarterly revenues of between $179 million and $181 million. it also forecast an adjusted profit of $14 million to $16 million. 

Rapid7’s reported discussions with potential buyers follow a year in which multiple publicly traded cybersecurity providers opted to go private. Several of those acquisitions involved private equity firms. 

Last April, Thoma Bravo agreed to acquire cybersecurity provider SailPoint Technologies Holdings Inc. in a $6.9 billion deal. A few months later, the private equity firm paid $2.3 billion to buy ForgeRock Inc., which develops software for regulating user access to applications. Vista Equity Partners acquired cybersecurity training provider KnowBe4 Inc. around the same time for $4.6 billion. 

Image: Rapid7