下载PDF
Rapid7 > 实例探究 > Managed Care Systems Inc. Leverages Rapid7 Pen Testing to Evaluate User Roles and Privileges
Rapid7 Logo

Managed Care Systems Inc. Leverages Rapid7 Pen Testing to Evaluate User Roles and Privileges

技术
  • 网络安全和隐私 - 安全合规
  • 网络安全和隐私 - 应用安全
适用行业
  • 医疗保健和医院
适用功能
  • 商业运营
服务
  • 网络安全服务
  • 系统集成
挑战
MCSI wanted to test the ability of their back end, role-based access controls to curb attempts to elevate privileges. They needed an official way to inform clients and regulators on the security and integrity of their systems, while also satisfying HIPAA standards with a third-party evaluation.
关于客户
Managed Care Systems Inc. (MCSI) is a small business with 15 employees that plays a vital role in the United States’ healthcare sector. For over 20 years, MCSI has been providing industry-leading automated health claim software designed to put the management and implementation of business processes into the hands of expert end users. MCSI’s flagship Visova offering automates claims processing, enrollment, cost containment, and other benefit management procedures for some of the largest claims handling organizations in the country.
解决方案
The Rapid7 team guided MCSI through recommendations and functional areas to focus on for a role-based pen test. Rapid7 provided a list of requirements explaining where new users needed to be created, as well as detailed information at the beginning and end of each working day to ensure MCSI was fully briefed and up-to-date on the pen testing progress. The resulting pen test report highlighted actionable items for MCSI, providing a granular level of detail into resolutions, further resources, discussion points, and advice to help them prioritize that list.
运营影响
  • MCSI was able to leverage Rapid7’s highly actionable and specific report to create internal tickets that resulted in quick vulnerability resolution.
  • The communication between MCSI and Rapid7 ensured that if an issue did occur, the MCSI team could quickly assess and determine if it was the result of the pen testing or some other activity.
  • Rapid7's cautionary notes minimized any unwanted surprises during the process and reassured MCSI of their choice.

相关案例.

联系我们

欢迎与我们交流!

* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

Thank you for your message!
We will contact you soon.