Rapid7 > 实例探究 > Rapid7 Managed Services Help Australian Lender Minimize Risk and Maximize InHouse Resources

Rapid7 Managed Services Help Australian Lender Minimize Risk and Maximize InHouse Resources

公司规模

Mid-size Company

地区

Asia
Pacific

国家

Australia
New Zealand

产品

InsightIDR
InsightAppSec
InsightVM
Nexpose

技术栈

Next-gen AV
Web Application Firewalls
Next-gen Firewalls
Email Security Gateways

实施规模

Enterprise-wide Deployment

影响指标

Cost Savings
Productivity Improvements
Customer Satisfaction
Digital Expertise

技术

网络安全和隐私 - 应用安全
网络安全和隐私 - 云安全
网络安全和隐私 - 端点安全
网络安全和隐私 - 网络安全

适用行业

金融与保险

适用功能

商业运营
质量保证

用例

入侵检测系统
监管合规监控
远程资产管理
安全索赔评估

关于客户

With a history that dates back to 1985, Resimac Group is one of Australia’s premier non-bank lenders. Serving 50,000 customers across Australia and New Zealand, the firm has over three decades of experience delivering home finance solutions. Head of IT Operations, Rob Mihalek, and Cybersecurity and Engineering Lead, Brad Smith, work with a small in-house team of three service desk staff and two engineers, plus a handful of contractors. Alongside Rapid7, the firm runs a variety of security tools including next-gen AV, web application firewalls, next-gen firewalls, and email security gateways from industry-leading vendors.

登录后查看完整内容

挑战

Financial institutions around the world have always been an attractive target for hackers keen to get their hands on sensitive customer data, launch online extortion attacks, and interfere in internal business processes to siphon away funds. Even in the United Kingdom, one of the most mature global financial services markets, breaches reported to the regulator soared by 480% in 2018 according to RPC. As part of its customer offerings, Resimac issues a credit card, which means that it is also bound by strict PCI compliance rules. This puts extra pressure on an in-house security team already tasked with keeping escalating threats at bay. With just a handful of staff, Mihalek and his team manage a footprint of approximately 600 assets for the 300+ employees across Australia, New Zealand, and Manila. Needing extra help to support its PCI compliance program—and drive best practices to improve security across the organization—Mihalek sought the help of an outside managed security services provider back in 2017. The decision was underlined by a security incident the firm suffered, an incident Smith claims would have been picked up by a managed security service if one had been in place. But there were also good financial reasons for outsourcing security, says Mihalek.

登录后查看完整内容

解决方案

Using the CIS Top 20 as a benchmarking tool, Mihalek hired a third-party security firm to perform assessments of several providers. They found Rapid7 covered over 80% of their requirements via Rapid7’s portfolio of managed service offerings: Managed Detection and Response (MDR), Managed Vulnerability Management, and Managed AppSec. MDR is Rapid7’s flagship service for around-the-clock threat monitoring, incident management, and response, leveraging Rapid7’s expert threat hunters, SOC analysts, and the InsightIDR cloud SIEM platform. Managed AppSec enables teams to leverage the power of InsightAppSec, Rapid7’s leading DAST solution, and Rapid7 experts to perform scan management, vulnerability validation, and application pen testing. And Managed Vulnerability Management enables customers to leverage their InsightVM or Nexpose investments while saving operational resources. Underpinning each offering is a dedicated security expert, the Customer Advisor (CA), who provides guidance to the Resimac team and ensures the security program continues to mature.

登录后查看完整内容

运营影响

All three managed services run like clockwork, keeping Resimac’s IT systems and data more secure and more compliant at all times. Mihalek and his team check in on their AppSec program and InsightVM around once per month for basic housekeeping, while they consult InsightIDR every day to check the latest breaking alerts.
Outsourcing the management of InsightAppSec and InsightVM has significantly reduced the workload for Resimac’s stretched in-house IT team, while also streamlining internal processes.
Resimac is using the Managed AppSec service to run scans across five core web applications. According to Smith, the service saves time and resources by whittling down findings from the 600 or 700 vulnerabilities reported it may find per site following a scan to just 20 or 30 validated vulnerabilities that the team need to action on. All that’s left is to work alongside the development team on what to prioritize in their SDLC for the upcoming release.
When it comes to the level of engagement with all three managed services, Mihalek and Smith praise the CAs, their single point of contact in the Rapid7 SOC, who can be contacted quickly and easily to solve any issues or escalations. But beyond this, the real strength of the service has been in helping to improve Resimac’s overall security maturity.
In this way, Resimac’s CA was able to suggest and quickly roll-out some custom alerts for a new File Integrity Monitoring (FIM) feature in MDR, which were originally developed for another Rapid7 customer, a large law firm.

登录后查看完整内容

数量效益

An initial assessment of the firm’s security posture two years ago revealed a maturity rating of 1.5/5. Today it has risen to between 2.5 and 3.
Resimac has been able to accelerate its efforts to deliver this uplift in maturity a year ahead of schedule.

登录后查看完整内容

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

相关案例.

Automated Pallet Labeling Solution for SPR Packaging

SPR Packaging, an American supplier of packaging solutions, was in search of an automated pallet labeling solution that could meet their immediate and future needs. They aimed to equip their lines with automatic printer applicators, but also required a solution that could interface with their accounting software. The challenge was to find a system that could read a 2D code on pallets at the stretch wrapper, track the pallet, and flag any pallets with unread barcodes for inspection. The pallets could be single or double stacked, and the system needed to be able to differentiate between the two. SPR Packaging sought a system integrator with extensive experience in advanced printing and tracking solutions to provide a complete traceability system.

Transforming insurance pricing while improving driver safety

The Internet of Things (IoT) is revolutionizing the car insurance industry on a scale not seen since the introduction of the car itself. For decades, premiums have been calculated using proxy-based risk assessment models and historical data. Today, a growing number of innovative companies such as Quebec-based Industrielle Alliance are moving to usage-based insurance (UBI) models, driven by the advancement of telematics technologies and smart tracking devices.

Enhancing Security and Compliance in Remitly's Global Money Transfer Service with Fastly

Remitly, an online remittance service, was faced with the challenge of securing its proprietary global transfer network. The company needed a security solution that could meet PCI requirements and protect customers' sensitive transactions through its mobile application. The solution had to be capable of defending against new and emerging attack types without impacting performance. Remitly also had to deal with irregular traffic patterns, such as a sudden spike in account transfers from a small network segment on the Pacific coastline of South America. The company needed to determine in real time whether such traffic indicated an attack or valid requests. A traditional web application firewall (WAF) would not be able to distinguish this traffic, potentially leading to customer frustration if the IP was blacklisted.

Real-time In-vehicle Monitoring

The telematic solution provides this vital premium-adjusting information. The solution also helps detect and deter vehicle or trailer theft – as soon as a theft occurs, monitoring personnel can alert the appropriate authorities, providing an exact location.“With more and more insurance companies and major fleet operators interested in monitoring driver behaviour on the grounds of road safety, efficient logistics and costs, the market for this type of device and associated e-business services is growing rapidly within Italy and the rest of Europe,” says Franco.“The insurance companies are especially interested in the pay-per-use and pay-as-you-drive applications while other organisations employ the technology for road user charging.”“One million vehicles in Italy currently carry such devices and forecasts indicate that the European market will increase tenfold by 2014.However, for our technology to work effectively, we needed a highly reliable wireless data network to carry the information between the vehicles and monitoring stations.”

Safety First with Folksam

The competitiveness of the car insurance market is driving UBI growth as a means for insurance companies to differentiate their customer propositions as well as improving operational efficiency. An insurance model - usage-based insurance ("UBI") - offers possibilities for insurers to do more efficient market segmentation and accurate risk assessment and pricing. Insurers require an IoT solution for the purpose of data collection and performance analysis

Smooth Transition to Energy Savings

The building was equipped with four end-of-life Trane water cooled chillers, located in the basement. Johnson Controls installed four York water cooled centrifugal chillers with unit mounted variable speed drives and a total installed cooling capacity of 6,8 MW. Each chiller has a capacity of 1,6 MW (variable to 1.9MW depending upon condenser water temperatures). Johnson Controls needed to design the equipment in such way that it would fit the dimensional constraints of the existing plant area and plant access route but also the specific performance requirements of the client. Morgan Stanley required the chiller plant to match the building load profile, turn down to match the low load requirement when needed and provide an improvement in the Energy Efficiency Ratio across the entire operating range. Other requirements were a reduction in the chiller noise level to improve the working environment in the plant room and a wide operating envelope coupled with intelligent controls to allow possible variation in both flow rate and temperature. The latter was needed to leverage increased capacity from a reduced number of machines during the different installation phases and allow future enhancement to a variable primary flow system.

Automated Pallet Labeling Solution for SPR Packaging

SPR Packaging, an American supplier of packaging solutions, was in search of an automated pallet labeling solution that could meet their immediate and future needs. They aimed to equip their lines with automatic printer applicators, but also required a solution that could interface with their accounting software. The challenge was to find a system that could read a 2D code on pallets at the stretch wrapper, track the pallet, and flag any pallets with unread barcodes for inspection. The pallets could be single or double stacked, and the system needed to be able to differentiate between the two. SPR Packaging sought a system integrator with extensive experience in advanced printing and tracking solutions to provide a complete traceability system.

Transforming insurance pricing while improving driver safety

The Internet of Things (IoT) is revolutionizing the car insurance industry on a scale not seen since the introduction of the car itself. For decades, premiums have been calculated using proxy-based risk assessment models and historical data. Today, a growing number of innovative companies such as Quebec-based Industrielle Alliance are moving to usage-based insurance (UBI) models, driven by the advancement of telematics technologies and smart tracking devices.

Enhancing Security and Compliance in Remitly's Global Money Transfer Service with Fastly

Remitly, an online remittance service, was faced with the challenge of securing its proprietary global transfer network. The company needed a security solution that could meet PCI requirements and protect customers' sensitive transactions through its mobile application. The solution had to be capable of defending against new and emerging attack types without impacting performance. Remitly also had to deal with irregular traffic patterns, such as a sudden spike in account transfers from a small network segment on the Pacific coastline of South America. The company needed to determine in real time whether such traffic indicated an attack or valid requests. A traditional web application firewall (WAF) would not be able to distinguish this traffic, potentially leading to customer frustration if the IP was blacklisted.

Real-time In-vehicle Monitoring

The telematic solution provides this vital premium-adjusting information. The solution also helps detect and deter vehicle or trailer theft – as soon as a theft occurs, monitoring personnel can alert the appropriate authorities, providing an exact location.“With more and more insurance companies and major fleet operators interested in monitoring driver behaviour on the grounds of road safety, efficient logistics and costs, the market for this type of device and associated e-business services is growing rapidly within Italy and the rest of Europe,” says Franco.“The insurance companies are especially interested in the pay-per-use and pay-as-you-drive applications while other organisations employ the technology for road user charging.”“One million vehicles in Italy currently carry such devices and forecasts indicate that the European market will increase tenfold by 2014.However, for our technology to work effectively, we needed a highly reliable wireless data network to carry the information between the vehicles and monitoring stations.”

Safety First with Folksam

The competitiveness of the car insurance market is driving UBI growth as a means for insurance companies to differentiate their customer propositions as well as improving operational efficiency. An insurance model - usage-based insurance ("UBI") - offers possibilities for insurers to do more efficient market segmentation and accurate risk assessment and pricing. Insurers require an IoT solution for the purpose of data collection and performance analysis

Smooth Transition to Energy Savings

The building was equipped with four end-of-life Trane water cooled chillers, located in the basement. Johnson Controls installed four York water cooled centrifugal chillers with unit mounted variable speed drives and a total installed cooling capacity of 6,8 MW. Each chiller has a capacity of 1,6 MW (variable to 1.9MW depending upon condenser water temperatures). Johnson Controls needed to design the equipment in such way that it would fit the dimensional constraints of the existing plant area and plant access route but also the specific performance requirements of the client. Morgan Stanley required the chiller plant to match the building load profile, turn down to match the low load requirement when needed and provide an improvement in the Energy Efficiency Ratio across the entire operating range. Other requirements were a reduction in the chiller noise level to improve the working environment in the plant room and a wide operating envelope coupled with intelligent controls to allow possible variation in both flow rate and temperature. The latter was needed to leverage increased capacity from a reduced number of machines during the different installation phases and allow future enhancement to a variable primary flow system.

Automated Pallet Labeling Solution for SPR Packaging

SPR Packaging, an American supplier of packaging solutions, was in search of an automated pallet labeling solution that could meet their immediate and future needs. They aimed to equip their lines with automatic printer applicators, but also required a solution that could interface with their accounting software. The challenge was to find a system that could read a 2D code on pallets at the stretch wrapper, track the pallet, and flag any pallets with unread barcodes for inspection. The pallets could be single or double stacked, and the system needed to be able to differentiate between the two. SPR Packaging sought a system integrator with extensive experience in advanced printing and tracking solutions to provide a complete traceability system.

Transforming insurance pricing while improving driver safety

The Internet of Things (IoT) is revolutionizing the car insurance industry on a scale not seen since the introduction of the car itself. For decades, premiums have been calculated using proxy-based risk assessment models and historical data. Today, a growing number of innovative companies such as Quebec-based Industrielle Alliance are moving to usage-based insurance (UBI) models, driven by the advancement of telematics technologies and smart tracking devices.

Enhancing Security and Compliance in Remitly's Global Money Transfer Service with Fastly

Remitly, an online remittance service, was faced with the challenge of securing its proprietary global transfer network. The company needed a security solution that could meet PCI requirements and protect customers' sensitive transactions through its mobile application. The solution had to be capable of defending against new and emerging attack types without impacting performance. Remitly also had to deal with irregular traffic patterns, such as a sudden spike in account transfers from a small network segment on the Pacific coastline of South America. The company needed to determine in real time whether such traffic indicated an attack or valid requests. A traditional web application firewall (WAF) would not be able to distinguish this traffic, potentially leading to customer frustration if the IP was blacklisted.

© 2015-2025 Asia Growth Partners Limited | 隐私条款

联系我们

欢迎与我们交流!

感谢您的信息！
我们会很快与你取得联系。