Republic Services Enhances Security with Cosmos for Continuous Testing
- Functional Applications - Enterprise Asset Management Systems (EAM)
- Functional Applications - Inventory Management Systems
- National Security & Defense
- Recycling & Waste Management
- Procurement
- Quality Assurance
- Supply Chain Visibility
- Tamper Detection
- Cloud Planning, Design & Implementation Services
- Testing & Certification
Republic Services, a leading company in U.S. recycling and non-hazardous solid waste disposal, faced a significant challenge in ensuring the privacy of consumers and business customers across approximately 40 states. Despite having a relatively small attack surface, the company needed to ensure responsible data handling beyond just satisfying compliance needs. They required constant visibility and a thorough understanding of where threats and risks might emerge on their perimeter. The challenge was further compounded as they transitioned to the cloud, specifically Amazon Web Services (AWS), and underwent rapid changes in their IT environment and business operations. The company needed a solution that could provide continuous testing and in-depth information to secure their organization and customers effectively.
Republic Services, Inc. is an industry leader in U.S. recycling and non-hazardous solid waste disposal. The company, through its subsidiaries, provides effective solutions to make responsible recycling and waste disposal effortless for its customers across the country. Republic Services operates collection companies, transfer stations, recycling centers, landfills, and environmental services. The company has 36,000 employees who are committed to providing a superior experience while fostering a sustainable Blue Planet® for future generations to enjoy a cleaner, safer, and healthier world. As a Fortune 500 company and a utility service, Republic Services operates in approximately 40 states.
Republic Services chose Bishop Fox’s Cosmos (formerly CAST) service to gain visibility into their attack surface and to discover, analyze, and investigate security risks as they emerge. Cosmos' automated discovery process helped Republic Services quickly build out their new asset inventory, discovering subdomains and one-off webpages that were created outside of the security auditing processes. These previously unknown assets were either taken offline or added to the asset inventory for appropriate protection. Cosmos also enabled Republic Services to track emerging threats and prevent attacks in real time. With Cosmos automatically scanning for these emerging threats and a team of humans analyzing the potential impact of an attack on their operations, Republic Services gained full visibility into their risk profile. The Cosmos team regularly notified the Republic Services team of each emerging high-impact CVE and cross-referenced the new vulnerability with the mapped assets to filter out the noise of an ever-changing threat landscape.