Recently, the retail industry has been the victim of numerous high-profile attacks. A data breach isn't just a PR nightmare; it's costly to the business, too: 69% of consumers would be less inclined to do business with a breached organization.
Retail businesses are a popular target for attackers as they hold valuable credit card data that can be quickly converted into cash. According to the Verizon Data Breach Investigations Report (DBIR), 61% of attacks targeted payment card data. Retailers also need to balance the demands of securing their environment with Payment Card Industry Data Security Standards (PCI DSS) compliance requirements.
We understand the unique security needs of your industry. Find out how we can put that insight to work for you.
Rapid7 is a PCI Approved Scanning Vendor (ASV), which means we can help you achieve compliance with PCI DSS. Our services team can help you perform quarterly vulnerability scans, conduct internal and external penetration tests, and identify gaps in your security program against PCI DSS requirements.
Vulnerabilities in point-of-sale (POS), e-commerce applications and other retail systems provide an access point for attackers to breach your network. Identify and prioritize critical risks for remediation with Nexpose, test your defenses with Metasploit Pro, and assess the security of modern web applications with AppSpider.
According to the Verizon DBIR, 99% of POS intrusions took weeks or more to discover. During this time, attackers are harvesting and exfiltrating payment card data to sell on the dark web. Rapid7 Managed Detection and Response puts our expert team in your ecosystem 24/7 to detect attacks before they reach the POS systems, or your team can do it themselves with our core incident detection and response technology, InsightIDR.
Compliance should boost your security, not burden it. Rapid7's PCI compliance guide lays out the requirements of compliance, as well as the things you can do to not only meet those requirements, but improve your overall security in the process.
Whoever said, "Any press is good press" was obviously never the victim of a retail data breach. As a retailer, to keep your data out of the headlines, you need to keep your data secure and compliant. And we have just the free resources to help.