Recently, the retail industry has been the victim of numerous high profile attacks. A data breach isn't just a PR nightmare, it's costly to the business, too: 69% of consumers would be less inclined to do business with a breached organization.
Retail businesses are a popular target for attackers as they hold valuable credit card data that can be quickly converted into cash. According to the Verizon Data Breach Investigations Report (DBIR), 61% of attacks targeted payment card data. Retailers also need to balance the demands of securing their environment with Payment Card Industry Data Security Standards (PCI DSS) compliance requirements.
Rapid7 is a PCI Approved Scanning Vendor (ASV), which means we can help you achieve compliance with PCI DSS. Our services team can help you perform quarterly vulnerability scans, conduct internal and external penetration tests, and identify gaps in your security program against PCI DSS requirements.
Vulnerabilities in point–of–sale (POS), e–commerce applications and other retail systems provide an access point for attackers to breach your network. Identify and prioritize critical risks for remediation with InsightVM, test your defenses with Metasploit Pro, and assess the security of modern web applications with InsightAppSec.
According to the Verizon DBIR, 99% of POS intrusions took weeks or more to discover. During this time, attackers are harvesting and exfiltrating payment card data to sell on the dark web. Rapid7 Managed Detection and Response puts our expert team in your ecosystem 24/7 to detect attacks before they reach the POS systems, or your team can do it themselves with our core incident detection and response technology, InsightIDR.