I was talking last week to my friend HD Moore who founded and leads the development team for Metasploit at Rapid7. He told me about yet another open source project that Rapid7 has been supporting with financial and engineering support. The venerable John-the-Ripper password cracking project has been the recipient of support from Rapid7 for about a year now, culminating in the latest release which was recently announced.
John-the-Ripper which is the standard in the security/password cracking world, is part of Openwall. There are actually quite a number of open source security projects under the Openwall umbrella. Openwall itself is the granddaddy of security Linux distributions. Many of today's "secure" Linux distributions like SELinux and EnGarde have some of the Openwall DNA. But in addition, Openwall also handles things like crypt blowfish, the popular password hashing algorithm and many other open source security projects.

The news of Rapid7's support was also announced on the Rapid7 community boards last week as well. Rapid7 has developed a history of supporting open source security projects. It gave a home to HD Moore and the Metasploit team about 2 years ago. Since then Rapid7 has also begun to sell the Metasploit Pro commercial product based on the open source Metasploit project. To their credit they have also continued to develop and distribute a robust open source version of the product as well.