Rapid7 Case Studies Rapid7 Nexpose Enhances PCI Compliance and Overall Network Security for Bob’s Stores

Edit This Case Study Record

	Rapid7 Nexpose Enhances PCI Compliance and Overall Network Security for Bob’s Stores Rapid7

Rapid7 Nexpose Enhances PCI Compliance and Overall Network Security for Bob’s Stores

Rapid7

Technology Category	Cybersecurity & Privacy - Network Security Cybersecurity & Privacy - Security Compliance Cybersecurity & Privacy - Application Security
Applicable Industries	Retail
Applicable Functions	Business Operation Quality Assurance
Services	System Integration Cybersecurity Services Training
Challenge	In 2008, Bob’s Stores faced the challenge of meeting new PCI compliance standards, particularly requirement 11 of the PCI DSS, which mandated regular tests of security systems and processes through internal and external scans. The IT department, led by Nick Sorgio, Assistant Vice President and technology manager, needed a vulnerability management system to meet these standards and protect customer data. The pressure to quickly comply with these new requirements was significant, and Bob’s Stores had no existing vulnerability management system in place. This made finding a suitable tool a top business priority. Bob’s Stores conducted a comprehensive assessment of various vulnerability management vendors, ultimately selecting Rapid7 due to its ability to identify vulnerabilities across networks, operating systems, databases, web applications, and a wide range of system platforms. Rapid7 Nexpose provided the necessary vulnerability assessment scanning and monitoring capabilities to meet PCI data security standards and offered sound vulnerability management practices as part of a comprehensive security program. Read More
About Customer	Bob’s Stores, a retail company, was looking to enhance its security tools in 2008 to meet new PCI compliance standards. The company needed to comply with requirement 11 of the PCI DSS, which called for regular tests of security systems and processes through internal and external scans. Bob’s IT department, led by Nick Sorgio, Assistant Vice President and technology manager, was responsible for information security and oversaw a cross-functional IT team handling the entire technology infrastructure. The company faced significant pressure to quickly meet these compliance standards and protect customer data. Bob’s Stores conducted a thorough assessment of various vulnerability management vendors to find a suitable tool that would help them achieve compliance and ensure the security of their customer data. Read More
Solution	Bob’s Stores selected Rapid7 Nexpose for its vulnerability assessment scanning and monitoring capabilities, which met the required PCI data security standards. Nexpose provided comprehensive vulnerability management practices as part of a robust security program. The solution included audience-based PCI reporting, detailed step-by-step instructions for vulnerability remediation, and automated compliance. Working with Nexpose, Bob’s IT team quickly realized the potential of the tool. Nexpose fit into a time-saving process that required minimal changes or additional employee resources, allowing the IT team to scan and view all servers at once. Rapid7 also provided expert support to help the IT team understand PCI requirements and analyze scan results. This partnership allowed Bob’s Stores to prioritize compliance risks effectively. Beyond PCI compliance, Bob’s Stores recognized the value of comprehensive vulnerability management. They increased their Nexpose licenses by 50% to scan their entire environment and began using Metasploit for penetration testing to meet PCI requirements. The experience with Rapid7 Nexpose demonstrated that a strong vulnerability management program is the foundation of a successful security program. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Network Security

Cybersecurity & Privacy - Security Compliance

Cybersecurity & Privacy - Application Security

Applicable Industries

Retail

Applicable Functions

Business Operation

Quality Assurance

Services

System Integration

Cybersecurity Services

Training

Challenge

In 2008, Bob’s Stores faced the challenge of meeting new PCI compliance standards, particularly requirement 11 of the PCI DSS, which mandated regular tests of security systems and processes through internal and external scans. The IT department, led by Nick Sorgio, Assistant Vice President and technology manager, needed a vulnerability management system to meet these standards and protect customer data. The pressure to quickly comply with these new requirements was significant, and Bob’s Stores had no existing vulnerability management system in place. This made finding a suitable tool a top business priority. Bob’s Stores conducted a comprehensive assessment of various vulnerability management vendors, ultimately selecting Rapid7 due to its ability to identify vulnerabilities across networks, operating systems, databases, web applications, and a wide range of system platforms. Rapid7 Nexpose provided the necessary vulnerability assessment scanning and monitoring capabilities to meet PCI data security standards and offered sound vulnerability management practices as part of a comprehensive security program.

About Customer

Bob’s Stores, a retail company, was looking to enhance its security tools in 2008 to meet new PCI compliance standards. The company needed to comply with requirement 11 of the PCI DSS, which called for regular tests of security systems and processes through internal and external scans. Bob’s IT department, led by Nick Sorgio, Assistant Vice President and technology manager, was responsible for information security and oversaw a cross-functional IT team handling the entire technology infrastructure. The company faced significant pressure to quickly meet these compliance standards and protect customer data. Bob’s Stores conducted a thorough assessment of various vulnerability management vendors to find a suitable tool that would help them achieve compliance and ensure the security of their customer data.

Solution

Bob’s Stores selected Rapid7 Nexpose for its vulnerability assessment scanning and monitoring capabilities, which met the required PCI data security standards. Nexpose provided comprehensive vulnerability management practices as part of a robust security program. The solution included audience-based PCI reporting, detailed step-by-step instructions for vulnerability remediation, and automated compliance. Working with Nexpose, Bob’s IT team quickly realized the potential of the tool. Nexpose fit into a time-saving process that required minimal changes or additional employee resources, allowing the IT team to scan and view all servers at once. Rapid7 also provided expert support to help the IT team understand PCI requirements and analyze scan results. This partnership allowed Bob’s Stores to prioritize compliance risks effectively. Beyond PCI compliance, Bob’s Stores recognized the value of comprehensive vulnerability management. They increased their Nexpose licenses by 50% to scan their entire environment and began using Metasploit for penetration testing to meet PCI requirements. The experience with Rapid7 Nexpose demonstrated that a strong vulnerability management program is the foundation of a successful security program.

Impact #1	Rapid7 Nexpose provided a time-saving process that required minimal changes or additional employee resources, allowing the IT team to scan and view all servers at once.
Impact #2	Rapid7 experts offered continuous support, helping the IT team understand PCI requirements and analyze scan results, effectively prioritizing compliance risks.
Impact #3	Bob’s Stores increased their Nexpose licenses by 50% to scan their entire environment, demonstrating the value of comprehensive vulnerability management.

Impact #1

Rapid7 Nexpose provided a time-saving process that required minimal changes or additional employee resources, allowing the IT team to scan and view all servers at once.

Impact #2

Rapid7 experts offered continuous support, helping the IT team understand PCI requirements and analyze scan results, effectively prioritizing compliance risks.

Impact #3

Bob’s Stores increased their Nexpose licenses by 50% to scan their entire environment, demonstrating the value of comprehensive vulnerability management.

Benefit #1	50% increase in Nexpose licenses to scan the entire environment.

Benefit #1

50% increase in Nexpose licenses to scan the entire environment.

Download PDF Version

Overview

Rapid7 Nexpose Enhances PCI Compliance and Overall Network Security for Bob’s Stores

Operational Impact

Quantitative Benefit