Hannaford Supermarkets installs Rapid7's NeXpose for Achieving Compliance with the Payment Card Industry (PCI) Data Security Standard
UPDATE BOSTON – March 18th, 2008
While Hannaford Brothers have confirmed that a recent breach resulted in the theft of sensitive data, Hannaford has also confirmed that NeXpose continues to provide exceptional vulnerability management and outstanding remediation reporting and the no systems within the NeXpose scan network contributed to the loss of data. Visit www.rapid7.com today to understand how NeXpose can be used to provide advanced protection against unauthorized data access.
Boston, MA - August 15, 2006 - Rapid7 today announced that the Hannaford Bros. Co. has purchased NeXpose, its award-winning enterprise vulnerability management solution, to perform network security scanning in compliance with the Payment Card Industry (PCI) Data Security Standard.
NeXpose will be used to scan devices in Hannaford's networks and at point-of-sale in its 158 retail supermarkets and food and drug stores, ensuring the protection of customers' credit card data and other information. Rapid7 is a MasterCard-approved security scanning vendor as part of the MasterCard Site Data Protection (SDP) Program.
During a review of several vulnerability management solutions for performing its PCI compliance scanning, Hannaford found that NeXpose stood out for several reasons.
"NeXpose is extremely thorough in its compliance checking against devices," stated David Fournier, senior information security analyst, Hannaford Bros. Co. "NeXpose also demonstrated it enables integration with other technologies. We can easily integrate it with the Peregrine Service Center, the software we use for call-ticketing and incident-handling."
Fournier further reported, "The product is easy to use; the interface makes it simple to set up and perform the scanning. We were also pleased to learn that it is an affordable solution and fit within our budget."
"By deploying NeXpose vulnerability management to secure its networks, Hannaford is proactively protecting its business and the customer data in its payment systems against the threat of compromises," stated Alan Matthews, president of Rapid7 LLC. "Vulnerabilities left undetected can potentially lead to unauthorized access, but by finding and fixing any exposures, NeXpose reduces the risk of intrusion."
NeXpose PCI Compliance provides scan templates and reporting capabilities that meet or exceed the MasterCard SDP specifications for system security scanning. The PCI Standard compliance report presents pass/fail information at both executive and administrator detail levels. A complete remediation plan is generated that enables security analysts to bring their system devices into full compliance with the PCI Standard.
About Hannaford Bros. Co.
Hannaford Bros. Co., based in Scarborough, Maine, operates 158 supermarkets and food and drug combination stores in Maine, New Hampshire, Vermont, New York and Massachusetts. These stores operate under the Hannaford Supermarket and Hannaford Supermarket and Pharmacy names. Hannaford employs more than 26,000 associates. The company is owned by Delhaize Group of Brussels, Belgium. Additional information can be found at www.hannaford.com.
About Rapid7 NeXpose
The award-winning Rapid7 NeXpose Unified Vulnerability Management (UVM) is an all-in-one security solution that scans networks, Web applications, databases, to locate threats, assess their risk to the environment, devise a remediation plan and implement the ticketing process. NeXpose incorporates an expert system to build a knowledge base of facts on the environment it explores and model potential targeted attacks to expose all existing threats. NeXpose provides robust reporting capabilities that ensure compliance with governmental regulations, corporate security configuration policies, and the PCI Data Security Standard. NeXpose is available as a "plug and play" appliance, downloadable software, or an On-Demand hosted solution.
About Rapid7
Rapid7 is the leading provider of Unified Vulnerability Management (UVM) Solutions. Rapid7 NeXpose UVM provides network, database and web application vulnerability management for enterprise deployments and small to medium businesses. Rapid7 was founded in 2000 by a team of software industry veterans who were major contributors to product development and subsequent growth and success at Percussion Software, Bond Technologies and Stride & Associates. Since introduced, NeXpose has been sold to corporate enterprises, Global 2000 companies, and government entities, and serves the full range of vertical markets across the U.S. and abroad. In addition, Rapid7 provides compliance products and services for PCI, HIPAA and Sarbanes Oxley. Rapid7 is headquartered in Boston, MA, with offices in California and the United Kingdom. For more information on the company and its product, NeXpose, visit www.rapid7.com.