Rapid7 Case Studies Rapid7 Metasploit Changes the Security Mindset at AutomationDirect

Edit This Case Study Record

	Rapid7 Metasploit Changes the Security Mindset at AutomationDirect Rapid7

Rapid7 Metasploit Changes the Security Mindset at AutomationDirect

Rapid7

Technology Category	Cybersecurity & Privacy - Endpoint Security Cybersecurity & Privacy - Network Security Cybersecurity & Privacy - Security Compliance
Applicable Industries	Equipment & Machinery
Applicable Functions	Business Operation Quality Assurance
Services	Cybersecurity Services System Integration Testing & Certification
Challenge	AutomationDirect, a proactive company, wanted to change the security mindset of its IT staff to stay ahead of the latest threats. The company needed to ensure that its IT security practices were robust enough to prevent both internal and external threats. Tim Lawrence, IT security analyst at AutomationDirect, recognized that administrators often prioritize getting systems up and running over security, which could lead to vulnerabilities. After attending the Black Hat convention in July 2010, Lawrence devised a long-term security strategy to address these issues. The goal was to anticipate and thwart potential hackers and eliminate internal oversights that could create inadvertent vulnerabilities. AutomationDirect was not under any immediate known security threat, but the IT security team needed to promote overall security best practices to the entire IT staff to prevent any possible worst-case scenarios. Read More
About Customer	AutomationDirect is a leading supplier of industrial automation equipment and associated components to manufacturers worldwide. Based in Cumming, Georgia, the company is known for its low pricing, award-winning customer support, objective product evaluations, and partnerships with reliable systems integrators. AutomationDirect uses sophisticated automation solutions to pack and ship its orders with high accuracy and efficiency. The company also places a high value on its employees, treating them as 'billion-dollar assets.' Since most of its business is conducted online, AutomationDirect must comply with the Payment Card Industry Data Security Standard (PCI DSS). The company is proactive in its approach to security, aiming to stay ahead of potential threats and ensure a secure environment for its operations. Read More
Solution	AutomationDirect implemented a comprehensive Rapid7 solution that includes Nexpose Enterprise Edition for vulnerability scanning and Metasploit Pro for penetration testing. Together, these tools provide a complete solution for risk assessment and remediation across the data center, networks, and Web servers. Metasploit Pro, with its extensive database of quality-assured exploits, allows Lawrence to emulate realistic network attacks on specific targets within the AutomationDirect environment. The tool assesses the security of Web applications, network and endpoint systems, and email users. Its user-friendly interface enables Lawrence to automate tasks and leverage multi-level attacks, completing penetration tests faster than with the freeware version. The solution also includes support for Web application exploits, managing client-side campaigns against end users, VPN pivoting, and team collaboration. After using Metasploit to break into a Web server, Lawrence runs the Nexpose vulnerability scanner through the compromised server. He uses VPN pivoting to discover exploitable vulnerabilities in databases hosting confidential customer and employee data. This information can be leveraged to conduct social engineering attacks, such as targeted phishing campaigns, to open new attack vectors on the internal network. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Endpoint Security

Cybersecurity & Privacy - Network Security

Cybersecurity & Privacy - Security Compliance

Applicable Industries

Equipment & Machinery

Applicable Functions

Business Operation

Quality Assurance

Services

Cybersecurity Services

System Integration

Testing & Certification

Challenge

AutomationDirect, a proactive company, wanted to change the security mindset of its IT staff to stay ahead of the latest threats. The company needed to ensure that its IT security practices were robust enough to prevent both internal and external threats. Tim Lawrence, IT security analyst at AutomationDirect, recognized that administrators often prioritize getting systems up and running over security, which could lead to vulnerabilities. After attending the Black Hat convention in July 2010, Lawrence devised a long-term security strategy to address these issues. The goal was to anticipate and thwart potential hackers and eliminate internal oversights that could create inadvertent vulnerabilities. AutomationDirect was not under any immediate known security threat, but the IT security team needed to promote overall security best practices to the entire IT staff to prevent any possible worst-case scenarios.

About Customer

AutomationDirect is a leading supplier of industrial automation equipment and associated components to manufacturers worldwide. Based in Cumming, Georgia, the company is known for its low pricing, award-winning customer support, objective product evaluations, and partnerships with reliable systems integrators. AutomationDirect uses sophisticated automation solutions to pack and ship its orders with high accuracy and efficiency. The company also places a high value on its employees, treating them as 'billion-dollar assets.' Since most of its business is conducted online, AutomationDirect must comply with the Payment Card Industry Data Security Standard (PCI DSS). The company is proactive in its approach to security, aiming to stay ahead of potential threats and ensure a secure environment for its operations.

Solution

AutomationDirect implemented a comprehensive Rapid7 solution that includes Nexpose Enterprise Edition for vulnerability scanning and Metasploit Pro for penetration testing. Together, these tools provide a complete solution for risk assessment and remediation across the data center, networks, and Web servers. Metasploit Pro, with its extensive database of quality-assured exploits, allows Lawrence to emulate realistic network attacks on specific targets within the AutomationDirect environment. The tool assesses the security of Web applications, network and endpoint systems, and email users. Its user-friendly interface enables Lawrence to automate tasks and leverage multi-level attacks, completing penetration tests faster than with the freeware version. The solution also includes support for Web application exploits, managing client-side campaigns against end users, VPN pivoting, and team collaboration. After using Metasploit to break into a Web server, Lawrence runs the Nexpose vulnerability scanner through the compromised server. He uses VPN pivoting to discover exploitable vulnerabilities in databases hosting confidential customer and employee data. This information can be leveraged to conduct social engineering attacks, such as targeted phishing campaigns, to open new attack vectors on the internal network.

Impact #1	The implementation of Metasploit Pro and Nexpose Enterprise Edition has significantly changed the security mindset of AutomationDirect's server administrators. They now request risk assessments and remediation recommendations before putting new servers online.
Impact #2	The Rapid7 support team has been responsive and efficient in handling minor key management issues, enhancing the overall user experience.
Impact #3	The Rapid7 Professional Services team provides quarterly PCI Compliance Testing, ensuring that AutomationDirect meets compliance protocols. An auditor who visited the company was satisfied with the compliance measures in place, spending only an hour on-site.

Impact #1

The implementation of Metasploit Pro and Nexpose Enterprise Edition has significantly changed the security mindset of AutomationDirect's server administrators. They now request risk assessments and remediation recommendations before putting new servers online.

Impact #2

The Rapid7 support team has been responsive and efficient in handling minor key management issues, enhancing the overall user experience.

Impact #3

The Rapid7 Professional Services team provides quarterly PCI Compliance Testing, ensuring that AutomationDirect meets compliance protocols. An auditor who visited the company was satisfied with the compliance measures in place, spending only an hour on-site.

Download PDF Version

Overview

Rapid7 Metasploit Changes the Security Mindset at AutomationDirect

Operational Impact