Nexpose has saved my bacon and allowed me to meet the rather onerous PCI-DSS compliance. Thank you Nexpose, the product is brilliant, fairly easy to use and corrects the security issues.
My business ThirtyFifty is a great smallish business running wine tastings. It is generally a pretty straightforward type of business, but we need to take payments over the phone to confirm bookings. This is fine, but if you have had any experience in PCI compliance, it is getting harder and harder to meet the increasingly onerous requirements from a security point of view.
The recent PCI changes require an internal security scan of all devices connected to my network. When I first looked at this it looked like I needed some expensive hardware to run regular tests. But thankfully I discovered Nexpose, a simple free-to-use app that does the scanning for me. I was so impressed with the product I thought others should know that there are low-cost solutions that are easy to use and fairly straightforward.
Installing the software is fairly easy and running the scans is a doddle. The first time I ran the scan I had hundreds of security problems; thankfully most of them were associated with a very old, out-of-date mail program that I don't use, so I simply removed it. But some of the other problems listed were a bit trickier to solve. Thankfully, information is supplied on how to fix the problem for most of the common Windows versions as well as Unix. So far I have removed all but one of the critical errors, and the last error should be cleared by the close of play today. Phew.
As a way of meeting some of the PCI compliance requirements it is brilliant, and the price of Free is fantastic. But from a security point of view it is nice to know that the environment I run is fairly secure. I'm not so naive as to think I can keep out all hackers, but it is nice to know that at least I've closed and locked the front door!