Rapid7 Nexpose Enhances PCI Compliance and Overall Network Security for Bob’s Stores

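Technology
  • Cybersecurity & Privacy - Network Security
  • Cybersecurity & Privacy - Security Compliance
  • Cybersecurity & Privacy - Application Security
Applicable Industries
  • Retail
Applicable Functions
  • Business Operations
  • Quality Assurance
Services
  • System Integration
  • Cybersecurity Services
  • Training
Challenge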
In 2008, Bob’s Stores faced the challenge of meeting new PCI compliance standards, particularly requirement 11 of the PCI DSS, which mandated regular tests of security systems and processes through internal and external scans. The IT department, led by Nick Sorgio, Assistant Vice President and technology manager, needed a vulnerability management system to meet these standards and protect customer data. The pressure to quickly comply with these new requirements was significant, and Bob’s Stores had no existing vulnerability management system in place. This made finding a suitable tool a top business priority. Bob’s Stores conducted a comprehensive assessment of various vulnerability management vendors, ultimately selecting Rapid7 due to its ability to identify vulnerabilities across networks, operating systems, databases, web applications, and a wide range of system platforms. Rapid7 Nexpose provided the necessary vulnerability assessment scanning and monitoring capabilities to meet PCI data security standards and offered sound vulnerability management practices as part of a comprehensive security program.
About the Customer
Bob’s Stores, a retail company, was looking to enhance its security tools in 2008 to meet new PCI compliance standards. The company needed to comply with requirement 11 of the PCI DSS, which called for regular tests of security systems and processes through internal and external scans. Bob’s IT department, led by Nick Sorgio, Assistant Vice President and technology manager, was responsible for information security and oversaw a cross-functional IT team handling the entire technology infrastructure. The company faced significant pressure to quickly meet these compliance standards and protect customer data. Bob’s Stores conducted a thorough assessment of various vulnerability management vendors to find a suitable tool that would help them achieve compliance and ensure the security of their customer data.
Solution
Bob’s Stores selected Rapid7 Nexpose for its vulnerability assessment scanning and monitoring capabilities, which met the required PCI data security standards. Nexpose provided comprehensive vulnerability management practices as part of a robust security program. The solution included audience-based PCI reporting, detailed step-by-step instructions for vulnerability remediation, and automated compliance. Working with Nexpose, Bob’s IT team quickly realized the potential of the tool. Nexpose fit into a time-saving process that required minimal changes or additional employee resources, allowing the IT team to scan and view all servers at once. Rapid7 also provided expert support to help the IT team understand PCI requirements and analyze scan results. This partnership allowed Bob’s Stores to prioritize compliance risks effectively. Beyond PCI compliance, Bob’s Stores recognized the value of comprehensive vulnerability management. They increased their Nexpose licenses by 50% to scan their entire environment and began using Metasploit for penetration testing to meet PCI requirements. The experience with Rapid7 Nexpose demonstrated that a strong vulnerability management program is the foundation of a successful security program.
Operational Impact
  • Rapid7 Nexpose provided a time-saving process that required minimal changes or additional employee resources, allowing the IT team to scan and view all servers at once.
  • Rapid7 experts offered continuous support, helping the IT team understand PCI requirements and analyze scan results, effectively prioritizing compliance risks.
  • Bob’s Stores increased their Nexpose licenses by 50% to scan their entire environment, demonstrating the value of comprehensive vulnerability management.
Quantitative Benefits
  • 50% increase in Nexpose licenses to scan the entire environment.
