Download PDF
Rapid7 > Case Studies > Rapid7 Nexpose Enhances PCI Compliance and Overall Network Security for Bob’s Stores
Rapid7 Logo

Rapid7 Nexpose Enhances PCI Compliance and Overall Network Security for Bob’s Stores

Technology Category
  • Cybersecurity & Privacy - Network Security
  • Cybersecurity & Privacy - Security Compliance
  • Cybersecurity & Privacy - Application Security
Applicable Industries
  • Retail
Applicable Functions
  • Business Operation
  • Quality Assurance
Services
  • System Integration
  • Cybersecurity Services
  • Training
The Challenge
In 2008, Bob’s Stores faced the challenge of meeting new PCI compliance standards, particularly requirement 11 of the PCI DSS, which mandated regular tests of security systems and processes through internal and external scans. The IT department, led by Nick Sorgio, Assistant Vice President and technology manager, needed a vulnerability management system to meet these standards and protect customer data. The pressure to quickly comply with these new requirements was significant, and Bob’s Stores had no existing vulnerability management system in place. This made finding a suitable tool a top business priority. Bob’s Stores conducted a comprehensive assessment of various vulnerability management vendors, ultimately selecting Rapid7 due to its ability to identify vulnerabilities across networks, operating systems, databases, web applications, and a wide range of system platforms. Rapid7 Nexpose provided the necessary vulnerability assessment scanning and monitoring capabilities to meet PCI data security standards and offered sound vulnerability management practices as part of a comprehensive security program.
About The Customer
Bob’s Stores, a retail company, was looking to enhance its security tools in 2008 to meet new PCI compliance standards. The company needed to comply with requirement 11 of the PCI DSS, which called for regular tests of security systems and processes through internal and external scans. Bob’s IT department, led by Nick Sorgio, Assistant Vice President and technology manager, was responsible for information security and oversaw a cross-functional IT team handling the entire technology infrastructure. The company faced significant pressure to quickly meet these compliance standards and protect customer data. Bob’s Stores conducted a thorough assessment of various vulnerability management vendors to find a suitable tool that would help them achieve compliance and ensure the security of their customer data.
The Solution
Bob’s Stores selected Rapid7 Nexpose for its vulnerability assessment scanning and monitoring capabilities, which met the required PCI data security standards. Nexpose provided comprehensive vulnerability management practices as part of a robust security program. The solution included audience-based PCI reporting, detailed step-by-step instructions for vulnerability remediation, and automated compliance. Working with Nexpose, Bob’s IT team quickly realized the potential of the tool. Nexpose fit into a time-saving process that required minimal changes or additional employee resources, allowing the IT team to scan and view all servers at once. Rapid7 also provided expert support to help the IT team understand PCI requirements and analyze scan results. This partnership allowed Bob’s Stores to prioritize compliance risks effectively. Beyond PCI compliance, Bob’s Stores recognized the value of comprehensive vulnerability management. They increased their Nexpose licenses by 50% to scan their entire environment and began using Metasploit for penetration testing to meet PCI requirements. The experience with Rapid7 Nexpose demonstrated that a strong vulnerability management program is the foundation of a successful security program.
Operational Impact
  • Rapid7 Nexpose provided a time-saving process that required minimal changes or additional employee resources, allowing the IT team to scan and view all servers at once.
  • Rapid7 experts offered continuous support, helping the IT team understand PCI requirements and analyze scan results, effectively prioritizing compliance risks.
  • Bob’s Stores increased their Nexpose licenses by 50% to scan their entire environment, demonstrating the value of comprehensive vulnerability management.
Quantitative Benefit
  • 50% increase in Nexpose licenses to scan the entire environment.

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.