Digital security software company Rapid7 Inc. saw its shares jump 58 percent in an initial public offering Friday, reflecting a spike of investor interest in security companies following the theft of personal data belonging to millions of federal employees.
Rapid7, based in Boston, sells software that identifies weaknesses that malicious hackers might exploit in computer programs and digital networks. It claims around 4,000 customers, including several large corporate buyers.
Rapid7 sold 6.45 million shares to investors Thursday night at $16 per share, raising about $103 million before subtracting its fees. The company’s shares shot up to $27 in early trading and closed the day at $25.28. The company had previously said it expected to price its shares at $13 to $15 each. Rapid7 is trading on the Nasdaq exchage under the ticker symbol RPD.
Rapid7 was founded 15 years ago and now has about 550 employees. It’s the first Boston-based technology company to hold an IPO this year, following the IPOs of Care.com Inc., Hubspot Inc., Wayfair Inc., and Imprivata Inc. in 2014.
Analysts expect another security company, Burlington-based Veracode, to follow Rapid7 to the public markets in the coming months.
Rapid7’s IPO comes about a week after the Obama administration’s top personnel executive was forced to resign over a massive data breach that revealed Social Security numbers and other private information for millions of federal workers.
The federal hacking episode is the latest example of what has become a steady drumbeat of large security failures in recent years, including last fall’s thefts of customer payment-card data from Target and Home Depot.
Rapid7’s strong debut shows that investors are starting to pay attention to these attacks and the companies that profit from thwarting them, Forrester Research analyst Tyler Shields said.
“We’ve hit the snooze button about six times and now we’re finally ready to wake up,” Shields said. “The general market investor is going `Oh crap, this is a serious issue. Even though I don’t understand the nuances of it, I’ve got to put some money into it.’”
Market research firm Gartner estimates sales of digital security products and services will hit $80 billion worldwide this year and rise to $93 billion in the next two years.
Rapid7’s competitors include large companies such as Intel’s McAfee, HP, and IBM, along with smaller providers. About two-thirds of Rapid7’s sales over the last three years were generated by one product, Nexpose, although the company has attempted to grow its product portfolio with acquisitions.
The company’s revenue has grown from $46 million in 2012 to nearly $77 million in 2014. But Rapid7 has never turned an annual profit and its losses have grown over the years, rising from $12.4 million in 2012 to $32.6 million last year. The largest chunk of its spending is in sales and marketing, which cost the company about $49 million in 2014.
In paperwork filed with federal regulators, Rapid7 said it expects to “continue to generate losses for the foreseeable future.”
Before the IPO, Rapid7’s two largest investors were Palo Alto, CA-based Technology Crossover Ventures and Boston-based Bain Capital Ventures. The two venture capital firms invested $30 million into the company last year, following a $50 million investment in 2011.
Private security companies, including several in the Boston area, have been adding investment cash from venture capitalists and large corporate backers in recent months.
Cybereason, a Cambridge-based company, raised $25 million in May from Charles River Ventures and defense contractor Lockheed Martin Corp. Waltham-based CounterTack raised $15 million in early June, and Boston-based startup Barkly collected a $12.5 million investment round a few weeks later.
Updated at 5 p.m. with more detail.
Globe Correspondent Jack Newsham contributed to this report.