Rapid7 Nexpose Enhances PCI Compliance and Overall Network Security for Bob’s Stores

• 网络安全和隐私 - 应用安全
• 网络安全和隐私 - 网络安全
• 网络安全和隐私 - 安全合规

• 零售

• 商业运营
• 质量保证

• 网络安全服务
• 系统集成
• 培训

In 2008, Bob’s Stores faced the challenge of meeting new PCI compliance standards, particularly requirement 11 of the PCI DSS, which mandated regular tests of security systems and processes through internal and external scans. The IT department, led by Nick Sorgio, Assistant Vice President and technology manager, needed a vulnerability management system to meet these standards and protect customer data. The pressure to quickly comply with these new requirements was significant, and Bob’s Stores had no existing vulnerability management system in place. This made finding a suitable tool a top business priority. Bob’s Stores conducted a comprehensive assessment of various vulnerability management vendors, ultimately selecting Rapid7 due to its ability to identify vulnerabilities across networks, operating systems, databases, web applications, and a wide range of system platforms. Rapid7 Nexpose provided the necessary vulnerability assessment scanning and monitoring capabilities to meet PCI data security standards and offered sound vulnerability management practices as part of a comprehensive security program.

Bob’s Stores, a retail company, was looking to enhance its security tools in 2008 to meet new PCI compliance standards. The company needed to comply with requirement 11 of the PCI DSS, which called for regular tests of security systems and processes through internal and external scans. Bob’s IT department, led by Nick Sorgio, Assistant Vice President and technology manager, was responsible for information security and oversaw a cross-functional IT team handling the entire technology infrastructure. The company faced significant pressure to quickly meet these compliance standards and protect customer data. Bob’s Stores conducted a thorough assessment of various vulnerability management vendors to find a suitable tool that would help them achieve compliance and ensure the security of their customer data.

Bob’s Stores selected Rapid7 Nexpose for its vulnerability assessment scanning and monitoring capabilities, which met the required PCI data security standards. Nexpose provided comprehensive vulnerability management practices as part of a robust security program. The solution included audience-based PCI reporting, detailed step-by-step instructions for vulnerability remediation, and automated compliance. Working with Nexpose, Bob’s IT team quickly realized the potential of the tool. Nexpose fit into a time-saving process that required minimal changes or additional employee resources, allowing the IT team to scan and view all servers at once. Rapid7 also provided expert support to help the IT team understand PCI requirements and analyze scan results. This partnership allowed Bob’s Stores to prioritize compliance risks effectively. Beyond PCI compliance, Bob’s Stores recognized the value of comprehensive vulnerability management. They increased their Nexpose licenses by 50% to scan their entire environment and began using Metasploit for penetration testing to meet PCI requirements. The experience with Rapid7 Nexpose demonstrated that a strong vulnerability management program is the foundation of a successful security program.

• Rapid7 Nexpose provided a time-saving process that required minimal changes or additional employee resources, allowing the IT team to scan and view all servers at once.
• Rapid7 experts offered continuous support, helping the IT team understand PCI requirements and analyze scan results, effectively prioritizing compliance risks.
• Bob’s Stores increased their Nexpose licenses by 50% to scan their entire environment, demonstrating the value of comprehensive vulnerability management.

• 50% increase in Nexpose licenses to scan the entire environment.