Rapid7 > Case Studies > Managed Care Systems Inc. Leverages Rapid7 Pen Testing to Evaluate User Roles and Privileges

Managed Care Systems Inc. Leverages Rapid7 Pen Testing to Evaluate User Roles and Privileges

Rapid7 Logo
Customer Company Size
SME
Region
  • America
Country
  • United States
Product
  • Visova
  • Rapid7 Pen Testing
Tech Stack
  • Apache
Implementation Scale
  • Enterprise-wide Deployment
Impact Metrics
  • Customer Satisfaction
  • Digital Expertise
Technology Category
  • Cybersecurity & Privacy - Security Compliance
  • Cybersecurity & Privacy - Application Security
Applicable Industries
  • Healthcare & Hospitals
Applicable Functions
  • Business Operation
Services
  • Cybersecurity Services
  • System Integration
About The Customer
Managed Care Systems Inc. (MCSI) is a small business with 15 employees that plays a vital role in the United States’ healthcare sector. For over 20 years, MCSI has been providing industry-leading automated health claim software designed to put the management and implementation of business processes into the hands of expert end users. MCSI’s flagship Visova offering automates claims processing, enrollment, cost containment, and other benefit management procedures for some of the largest claims handling organizations in the country.
The Challenge
MCSI wanted to test the ability of their back end, role-based access controls to curb attempts to elevate privileges. They needed an official way to inform clients and regulators on the security and integrity of their systems, while also satisfying HIPAA standards with a third-party evaluation.
The Solution
The Rapid7 team guided MCSI through recommendations and functional areas to focus on for a role-based pen test. Rapid7 provided a list of requirements explaining where new users needed to be created, as well as detailed information at the beginning and end of each working day to ensure MCSI was fully briefed and up-to-date on the pen testing progress. The resulting pen test report highlighted actionable items for MCSI, providing a granular level of detail into resolutions, further resources, discussion points, and advice to help them prioritize that list.
Operational Impact
  • MCSI was able to leverage Rapid7’s highly actionable and specific report to create internal tickets that resulted in quick vulnerability resolution.
  • The communication between MCSI and Rapid7 ensured that if an issue did occur, the MCSI team could quickly assess and determine if it was the result of the pen testing or some other activity.
  • Rapid7's cautionary notes minimized any unwanted surprises during the process and reassured MCSI of their choice.
  • The pen test report provided a granular level of detail into resolutions, further resources, discussion points, and advice to help MCSI prioritize the list of actionable items.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.