Download PDF
Rapid7 Nexpose® and Metasploit® “Make Life Easier” at Wiltshire Council
Technology Category
- Cybersecurity & Privacy - Application Security
- Cybersecurity & Privacy - Network Security
Applicable Functions
- Business Operation
Use Cases
- Intrusion Detection Systems
- Regulatory Compliance Monitoring
- Remote Control
Services
- System Integration
- Training
The Challenge
Wiltshire Council, a unitary council established in 2009, faced the challenge of managing and protecting the personal information of its residents. With over 5,000 employees and more than 350 diverse services, the council needed an efficient and effective IT service to support, maintain, and provide strategic advice. Annual penetration tests were part of the compliance mandates, and the council needed a solution that could run pen tests all year round. Additionally, the council required a vulnerability management solution that could provide detailed and actionable reporting to help remediate risks in the environment.
About The Customer
Wiltshire Council is a unitary council established in 2009, responsible for managing and protecting the personal information of its residents. With over 5,000 employees, the council provides support, maintenance, and strategic advice to more than 350 diverse services. Steve Grieshaber, the acting head of service, IT infrastructure, plays a crucial role in ensuring the IT service is both efficient and effective. The council's IT infrastructure is scrutinized at the highest level, making it essential to have robust security measures in place. The council's website is www.wiltshire.gov.uk.
The Solution
Wiltshire Council implemented Rapid7 Nexpose and Metasploit to address their security challenges. Steve Grieshaber, who was enrolled in a certified ethical hacking course, became familiar with Metasploit and recognized its benefits for penetration testing. Nexpose was evaluated for its vulnerability management capabilities, and its interface and detailed reporting stood out. The integration of Nexpose and Metasploit allowed the council to run scans and penetration tests efficiently. The reporting functionality of Nexpose significantly reduced the time required to review findings, from three to four months to just days. The intuitive dashboard and the ability to run specific scans quickly, such as for the Heartbleed vulnerability, further enhanced the council's security operations.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Goldcorp: Internet of Things Enables the Mine of the Future
Goldcorp is committed to responsible mining practices and maintaining maximum safety for its workers. At the same time, the firm is constantly exploring ways to improve the efficiency of its operations, extend the life of its assets, and control costs. Goldcorp needed technology that can maximize production efficiency by tracking all mining operations, keep employees safe with remote operations and monitoring of hazardous work areas and control production costs through better asset and site management.
Case Study
Remote Monitoring and Control for a Windmill Generator
As concerns over global warming continue to grow, green technologies are becoming increasingly popular. Wind turbine companies provide an excellent alternative to burning fossil fuels by harnessing kinetic energy from the wind and converting it into electricity. A typical wind farm may include over 80 wind turbines so efficient and reliable networks to manage and control these installations are imperative. Each wind turbine includes a generator and a variety of serial components such as a water cooler, high voltage transformer, ultrasonic wind sensors, yaw gear, blade bearing, pitch cylinder, and hub controller. All of these components are controlled by a PLC and communicate with the ground host. Due to the total integration of these devices into an Ethernet network, one of our customers in the wind turbine industry needed a serial-to-Ethernet solution that can operate reliably for years without interruption.
Case Study
Remote Monitoring for Environmental Compliance
Emerson wanted to provide a connected environmental analyzer to their customers. They wanted to leverage IoT technologies to provide a software solution that was easy to use, real-time and centralized. Compliance with pollution control board guidelines and the ability to remotely calibrate and troubleshoot these devices was the primary objective. Requirements - Centralized Remote Monitoring. - IoT Based Smart Environmental Analyzers. - Remote Calibration and Troubleshooting. - User Friendly Application. - Reporting & Dashboards. - Compliance with pollution control board guidelines.
Case Study
Using SNMP for a Ethernet-Based Home Automation System
A startup company was developing a product which provides service partners with an integrated e-services platform that allows customers to remotely monitor and control devices in their home or business. In order to complete their project, the startup needed a control system that could monitor and control the many different devices used by their potential customers, preferably with an open protocol for greater flexibility. SNMP was their first choice, as it is commonly used and well understood in the IT field. The next step was to choose an I/O server to connect to the sensors in a home automation system. System Requirements - Open Ethernet-based procotol - SNMP protocol for I/O control - Compact size to save space - Long-term support and services
Case Study
Protecting a Stadium from Hazardous Materials Using IoT2cell's Mobility Platform
There was a need for higher security at the AT&T Stadium during the NFL draft. There was a need to ensure that nuclear radiation material was not smuggled inside the stadium. Hazmat materials could often be missed in a standard checkpoint when gaining entry into a stadium.
Case Study
Boiler Control System for Plastic Manufacturing Applications
Factory automation applications must be equipped to handle and monitor the myriads of information from attached devices. For plastic manufacturing applications, the boiler control system plays a critical role by gathering and regulating information to ensure production is accurate and smooth. In this particular case, the customer combines eight subsystems that include power meters, water meters, alarm output, displays, and I/O status to be controlled by several intelligent controllers with Modbus RTU interface. The Modbus TCP protocol is used for this application due to the distance. System Requirements: • Modbus serial to Modbus TCP translation • Multiple slaves/masters support • Automatic Modbus TCP response time detection
