Rapid7 LLC, provider of the award-winning NeXpose vulnerability scanning solution and the NeXpose PCI Compliance Portal, has joined the Payment Card Industry Security Vendor Alliance (PCI SVA), a collaboration of leading IT firms.
Launched in January, the PCI SVA is dedicated to educating and providing products and services to organizations in the payment card industry that must comply with the PCI Data Security Standard (DSS) to ensure the protection and privacy of consumer credit card data and other personal information. Rapid7 is certified by the payment card industry to help merchants, service providers and others achieve compliance with the PCI DSS by performing onsite security assessments and quarterly network scans.
“Credit card fraud and press about lax privacy standards at information clearing houses are driving consumers to demand action,” states Alan Matthews, president of Rapid7 LLC. “PCI compliance provides consumers some assurance that the online transaction systems they are using are secure. By achieving PCI compliance, merchants pledge they are serious about the security of their customer’s information. The firms in the PCI SVA will communicate policies, information and technologies to merchants implementing PCI DSS procedures, and provide a channel to the PCI Standards Council for the merchant to express their needs. All parties in this industry understand the financial and strategic value of being compliant with industry standards when financial transactions are processed.”
The PCI SVA was formed to support the objectives of the payment card industry and work with merchants, banks, payment processors and others in the industry on implementing their PCI DSS compliance initiatives. By using a PCI-certified security scanning vendor such as Rapid7 and others in the PCI SVA, merchants can proactively protect their businesses and the data in their payment systems against the threat of compromises. Left undetected, vulnerabilities can potentially lead to unauthorized access, but by finding and fixing any exposures, a PCI compliance solution reduces the risk of intrusion.
The PCI DSS is the global standard adopted by companies in the credit card industry to ensure the protection of customer information. According to the standard, all members, merchants, and service providers that store or process credit cards must meet specific security requirements, which necessitate building a secure network and maintaining a vulnerability management program.
About the Rapid7 PCI Compliance Portal
The Rapid7 PCI Compliance Portal (https://pci.rapid7.com) is a remote, easy-to-use scanning solution that meets the security requirements of all credit card companies by going beyond scanning network devices to locate the Website and database vulnerabilities that hackers commonly exploit to capture credit card data. Using the NeXpose expert system, the Rapid7 PCI Compliance Portal searches for vulnerabilities intelligently, providing results with unsurpassed accuracy and no false positives. Like NeXpose, the Rapid7 PCI Compliance Portal generates detailed remediation reports containing project plans, system links, vulnerability definitions and a step-by-step guide for fixing any exposures, allowing companies to achieve compliance quickly.
Rapid7’s PCI Compliance Portal is a hosted, self-service solution that requires no software or hardware and is accessed via a Web browser. Companies can conduct unlimited scans for an annual fee, achieving NeXpose’s enterprise-level capabilities at a cost that is within their budget.
The award-winning NeXpose enterprise vulnerability management solution scans Web server applications, Databases, Operating Systems, and Network Devices to locate threats, assess their risk to the environment, devise a remediation plan and implement the ticketing process. NeXpose incorporates an expert system to build a knowledge base of facts on the environment it’s exploring and model potential targeted attacks to expose all existing threats. NeXpose provides robust reporting capabilities that ensure compliance with governmental regulations and corporate security configuration policies, as well as the PCI Data Security Standard.
About PCI SVA
PCI SVA (http://www.pcialliance.org) assists members of the payment card industry, composed of merchants, banks and point-of-sale vendors, in educating the business community on the requirements and business value of the Payment Card Industry (PCI) Data Security Standard, a global benchmark intended to improve security throughout the entire payment card transaction process.
Rapid7 was founded in 1999 by a team of software industry veterans who were major contributors to product development and subsequent growth and success at Percussion Software, Bond Technologies and Stride & Associates. Since introduced, NeXpose has been sold to over 220 organizations in the U.S. and abroad. Rapid7 sells NeXpose to corporate enterprises, Global 2000 companies, and government entities, and serves the full range of vertical markets.
Rapid7 is headquartered in Boston, MA, with offices in California and the United Kingdom. For more information on the company and its product, NeXpose, visit http://www.rapid7.com.