Simplifying the PCI Compliance Process

The Rapid7 PCI Compliance Portal is a simple, effective way for businesses, online merchants and credit card service providers to achieve compliance with the Payment Card Industry's standard for protecting credit card information. Achieving compliance assures your customers that you are serious about the security of their personal information.

When you sign up for an annual service, you get unlimited vulnerability scans of the systems you have selected to be under this service. This enables you to scan your environment as much as you need to maintain the security required to comply with the PCI DSS standard. When you scan your systems, you receive a report with detailed instructions on how to fix the vulnerabilities that were found.

Enterprise Strength Solution with No Hidden Costs

Built upon our award-winning, enterprise strength vulnerability management solution, NeXpose, the Rapid7 PCI Compliance Portal provides many benefits that set us apart from other PCI scan portals.

Self Service, Easy to Use

As a hosted, self-service solution, the Rapid7 PCI Compliance Portal is cost effective for your business. Our solution requires no software to deploy and manage and gives you unlimited scans for your annual contract. All merchants, including small to mid-sized businesses, can get the benefits of using our enterprise strength NeXpose solution at a cost that is within your budget.

Detailed Remediation Reports

One of the most powerful features of the Rapid7 PCI Compliance Portal is its ability to provide robust and useful reports to help you fix issues quickly and efficiently. Remediation reports provide the details about each vulnerability, including project plans, system links, definitions of vulnerabilities and detailed steps for fixing the problem along with time estimates, helping you plan your time effectively. When it comes to PCI compliance, you don't have time to figure out how to fix issues yourself. We ensure you have everything you need to complete the compliance effort.

Securing Web Applications

The Rapid7 PCI Compliance Portal goes beyond scanning network devices: it also scans for Web site and database vulnerabilities that hackers can use to capture credit card information without your being aware of it. VISA listed SQL injection attacks on commercial shopping carts as one of the top 5 credit card risks. In a SQL injection attack, hackers try to insert unauthorized SQL statements into a Web application that requests user input, in an attempt to compromise the database where this information is stored. Our underlying technology can scan for and uncover SQL injection, as well as other Web server exploits, and provide detailed remediation plans to help you fix these exposures and gain PCI compliance more quickly.

In addition to scanning Web servers to uncover issues that could compromise your reputation as a reliable merchant, NeXpose also provides complete coverage for all systems, software and devices in your IT environment, including:

No False Positives

Scanning for and finding vulnerabilities in your network is a more complex task than having an automated piece of software look for known vulnerabilities that it has stored in its database. Getting a report laden with incorrect results, or false positives, makes achieving PCI compliance a more difficult process.

The Rapid7 PCI Compliance Portal uses an expert system to intelligently search for vulnerabilities, finding more exposures than similar products with an accuracy that is unsurpassed by any other vulnerability management product. We take you right to the heart of the issue and ensure you spend your time fixing real issues, not chasing false positive results.
