Rapid7 Case Studies Rapid7 Conducts a Penetration Test for Eyelock

Edit This Case Study Record

	Rapid7 Conducts a Penetration Test for Eyelock Rapid7

Rapid7 Conducts a Penetration Test for Eyelock

Rapid7

Technology Category	Cybersecurity & Privacy - Application Security Cybersecurity & Privacy - Security Compliance
Applicable Industries	Security & Public Safety
Applicable Functions	Product Research & Development Quality Assurance
Services	Cybersecurity Services System Integration
Challenge	Recently, Eyelock set out on a new project: making security airtight for logical access devices. They wanted an external team to take a very close look at their security architecture to implement a design that would allow for access to computers, websites, online banking, and the like. The RFP process kicked off, and the Eyelock team began evaluating various third-party vendors. The top three qualifications were extensive experience with embedded products, a high level of security expertise, and a strong overall reputation within the industry. Through a combination of these factors, Rapid7 won out. Read More
About Customer	Eyelock Corporation is a biometric technology provider specializing in iris-based identity authentication products and technology solutions. They are a major player in the biometric space, revolutionizing iris scanning technology. Eyelock’s products span physical and logical access and can be found in numerous places such as banks, commercial buildings, airports, and border crossings. Their core business revolves around ensuring the highest standards of security and encryption for their iris templates, making them a trusted name in the industry. Read More
Solution	Eyelock chose Rapid7’s Professional Services for their penetration test due to their extensive knowledge, professionalism, and dedication. Rapid7’s ability to think like an attacker and their willingness to be on-site during the eight-week engagement were key factors. Eyelock’s approach to a penetration test exemplifies their extreme commitment to security, ensuring that security is baked in from the start. Rapid7’s expertise in penetration testing, their DREAD reporting methodology, and their constant communication throughout the process were crucial in identifying and addressing potential security vulnerabilities. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Application Security

Cybersecurity & Privacy - Security Compliance

Applicable Industries

Security & Public Safety

Applicable Functions

Product Research & Development

Quality Assurance

Services

Cybersecurity Services

System Integration

Challenge

Recently, Eyelock set out on a new project: making security airtight for logical access devices. They wanted an external team to take a very close look at their security architecture to implement a design that would allow for access to computers, websites, online banking, and the like. The RFP process kicked off, and the Eyelock team began evaluating various third-party vendors. The top three qualifications were extensive experience with embedded products, a high level of security expertise, and a strong overall reputation within the industry. Through a combination of these factors, Rapid7 won out.

About Customer

Eyelock Corporation is a biometric technology provider specializing in iris-based identity authentication products and technology solutions. They are a major player in the biometric space, revolutionizing iris scanning technology. Eyelock’s products span physical and logical access and can be found in numerous places such as banks, commercial buildings, airports, and border crossings. Their core business revolves around ensuring the highest standards of security and encryption for their iris templates, making them a trusted name in the industry.

Solution

Eyelock chose Rapid7’s Professional Services for their penetration test due to their extensive knowledge, professionalism, and dedication. Rapid7’s ability to think like an attacker and their willingness to be on-site during the eight-week engagement were key factors. Eyelock’s approach to a penetration test exemplifies their extreme commitment to security, ensuring that security is baked in from the start. Rapid7’s expertise in penetration testing, their DREAD reporting methodology, and their constant communication throughout the process were crucial in identifying and addressing potential security vulnerabilities.

Impact #1	Rapid7’s on-site presence allowed for direct collaboration with Eyelock’s hardware and software teams, ensuring a thorough and effective penetration test.
Impact #2	The use of the DREAD reporting methodology provided a clear and structured way to score and address security findings.
Impact #3	Constant communication between Rapid7 and Eyelock allowed for continuous improvement and tweaking of security measures throughout the engagement.

Impact #1

Rapid7’s on-site presence allowed for direct collaboration with Eyelock’s hardware and software teams, ensuring a thorough and effective penetration test.

Impact #2

The use of the DREAD reporting methodology provided a clear and structured way to score and address security findings.

Impact #3

Constant communication between Rapid7 and Eyelock allowed for continuous improvement and tweaking of security measures throughout the engagement.

Benefit #1	The eight-week engagement period allowed for an in-depth and thorough penetration test.
Benefit #2	Rapid7’s DREAD reporting methodology provided a structured scoring system for security findings.

Benefit #1

The eight-week engagement period allowed for an in-depth and thorough penetration test.

Benefit #2

Rapid7’s DREAD reporting methodology provided a structured scoring system for security findings.

Download PDF Version

Overview

Rapid7 Conducts a Penetration Test for Eyelock

Operational Impact

Quantitative Benefit