Rapid7 Case Studies Securing Critical Patient Data: Bioventus' Success with Rapid7

Edit This Case Study Record

	Securing Critical Patient Data: Bioventus' Success with Rapid7 Rapid7

Securing Critical Patient Data: Bioventus' Success with Rapid7

Rapid7

Technology Category	Cybersecurity & Privacy - Endpoint Security Cybersecurity & Privacy - Intrusion Detection
Applicable Industries	Equipment & Machinery National Security & Defense
Use Cases	Counterfeit Product Identification Tamper Detection
Services	Cloud Planning, Design & Implementation Services Cybersecurity Services
Challenge	Bioventus, a global leader in active healing and surgical orthobiologics, faced significant security challenges due to its large distributed workforce, multiple clouds, diverse devices, and the critical nature of patient data. The company's security team had to deal with user compromise and phishing emails on a daily basis. As an international healthcare company based in the US, Bioventus had the additional challenge of safeguarding patient records. A breach of any sort could be damaging, but a breach of patient records could be particularly expensive. The company also faced common security challenges for enterprises of its size, such as attacks on its cloud-based networks. Read More
About Customer	Bioventus is a global leader in innovations for active healing and surgical orthobiologics. The company works with patients, payers, and healthcare providers throughout the world. Based in Durham, North Carolina, Bioventus has more than 1,100 employees and a presence in over 50 countries worldwide. In a single year, Bioventus products help more than 500,000 people regain active lifestyles. The company operates internationally, dealing with medical devices and patient information that must be protected at all costs. Bioventus' security is managed by Kerry LeBlanc, who is responsible for the company's cybersecurity, reporting to the director of IT infrastructure and security. Read More
Solution	To address these challenges, Bioventus implemented Rapid7 InsightVM, a leading vulnerability management solution, and Rapid7 InsightIDR, a leading cloud SIEM. The company chose Rapid7 due to its system-wide integration with both InsightIDR and InsightVM. Rapid7's solutions integrated well with the existing environment and the tools Bioventus wanted to implement. Rapid7 also provided strong tech support. The first step was a system-wide assessment to identify gaps and weaknesses. The company needed a SIEM, a vulnerability management solution, and an endpoint detection and response solution. Rapid7 provided visibility and context into threats, discovered unknown issues, and enabled quick correlation, analysis, prioritization, and remediation of threats. The company also used InsightIDR Enhanced Endpoint Telemetry for alerting on malicious processes, threat hunting, asset authentication reporting, and failures. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Endpoint Security

Cybersecurity & Privacy - Intrusion Detection

Applicable Industries

Equipment & Machinery

National Security & Defense

Use Cases

Counterfeit Product Identification

Tamper Detection

Services

Cloud Planning, Design & Implementation Services

Cybersecurity Services

Challenge

Bioventus, a global leader in active healing and surgical orthobiologics, faced significant security challenges due to its large distributed workforce, multiple clouds, diverse devices, and the critical nature of patient data. The company's security team had to deal with user compromise and phishing emails on a daily basis. As an international healthcare company based in the US, Bioventus had the additional challenge of safeguarding patient records. A breach of any sort could be damaging, but a breach of patient records could be particularly expensive. The company also faced common security challenges for enterprises of its size, such as attacks on its cloud-based networks.

About Customer

Bioventus is a global leader in innovations for active healing and surgical orthobiologics. The company works with patients, payers, and healthcare providers throughout the world. Based in Durham, North Carolina, Bioventus has more than 1,100 employees and a presence in over 50 countries worldwide. In a single year, Bioventus products help more than 500,000 people regain active lifestyles. The company operates internationally, dealing with medical devices and patient information that must be protected at all costs. Bioventus' security is managed by Kerry LeBlanc, who is responsible for the company's cybersecurity, reporting to the director of IT infrastructure and security.

Solution

To address these challenges, Bioventus implemented Rapid7 InsightVM, a leading vulnerability management solution, and Rapid7 InsightIDR, a leading cloud SIEM. The company chose Rapid7 due to its system-wide integration with both InsightIDR and InsightVM. Rapid7's solutions integrated well with the existing environment and the tools Bioventus wanted to implement. Rapid7 also provided strong tech support. The first step was a system-wide assessment to identify gaps and weaknesses. The company needed a SIEM, a vulnerability management solution, and an endpoint detection and response solution. Rapid7 provided visibility and context into threats, discovered unknown issues, and enabled quick correlation, analysis, prioritization, and remediation of threats. The company also used InsightIDR Enhanced Endpoint Telemetry for alerting on malicious processes, threat hunting, asset authentication reporting, and failures.

Impact #1	The implementation of Rapid7's solutions has significantly improved Bioventus' security posture. The company now has visibility and context into threats, allowing for quick correlation, analysis, prioritization, and remediation. The use of InsightIDR Enhanced Endpoint Telemetry has been particularly beneficial, providing alerts on malicious processes, aiding in threat hunting, and providing valuable information on asset authentication reporting and failures. The Insight Agent, which feeds both InsightIDR and InsightVM, covers all of Bioventus' environment and locations, providing comprehensive security coverage. The company's security program has matured significantly, earning the confidence of the executive team.

Impact #1

The implementation of Rapid7's solutions has significantly improved Bioventus' security posture. The company now has visibility and context into threats, allowing for quick correlation, analysis, prioritization, and remediation. The use of InsightIDR Enhanced Endpoint Telemetry has been particularly beneficial, providing alerts on malicious processes, aiding in threat hunting, and providing valuable information on asset authentication reporting and failures. The Insight Agent, which feeds both InsightIDR and InsightVM, covers all of Bioventus' environment and locations, providing comprehensive security coverage. The company's security program has matured significantly, earning the confidence of the executive team.

Benefit #1	Reduced response time from three to four hours to ten to fifteen minutes.
Benefit #2	Visibility into all locations, including cloud servers and data center servers.
Benefit #3	Immediate identification of security issues such as credentials in the wrong places, misused configurations, and services that should not be left on.

Benefit #1

Reduced response time from three to four hours to ten to fifteen minutes.

Benefit #2

Visibility into all locations, including cloud servers and data center servers.

Benefit #3

Immediate identification of security issues such as credentials in the wrong places, misused configurations, and services that should not be left on.

Download PDF Version

Overview

Securing Critical Patient Data: Bioventus' Success with Rapid7

Operational Impact

Quantitative Benefit