Securing 50K Manufacturing Endpoints Without New Licenses
Industry
Manufacturing
Customer
Heavy Equipment Manufacturer
The customer is a global manufacturing organization operating a large, distributed Windows environment with more than 50,000 endpoints. Security and IT teams are responsible for maintaining visibility, compliance, and audit readiness across a highly diverse workforce and device footprint.
Key Highlights
Situation
The organization relied on Rapid7 InsightIDR for security monitoring and vulnerability management but evolving internal and regulatory requirements demanded detailed visibility into browser extensions across all workstations. With a fleet exceeding 50,000 devices, traditional reporting methods were impractical and expensive. A third-party reporting tool existed, but licensing costs were prohibitive given the device count.
Problem
Security and compliance teams lacked a reliable method to collect, centralize, and trend browser extension data across the entire environment. Manual exports and workstation-level checks were not only time-consuming and inconsistent; they were functionally impossible at this scale. Rapid7’s native dataset did not provide the structured reporting or historical insight required for compliance or leadership visibility.
The organization needed a scalable way to bridge the gap between endpoint telemetry, Rapid7, and business-ready reporting, without incurring unnecessary recurring licensing costs.
Solution
To meet compliance needs cost-effectively, a custom end-to-end automated data pipeline was designed and implemented:
Endpoint Data Collection
We developed a PowerShell script deployed across all Windows workstations.
Script collected browser extension metadata from all installed web browsers.
Data was packaged and securely uploaded into Rapid7 as custom telemetry.
Automated Ingestion + SQL Normalization
A scheduled daily process retrieved the extension data from Rapid7’s API.
Data was normalized into structured SQL tables optimized for reporting and trending.
Built-in validation and error handling ensured long-term reliability and data integrity.
Reporting & Compliance Layer
Lastly, the SQL-backed solution layer consisted of Business Intelligence (BI) reports that enabled consistent visibility across the entire device fleet. Analysts and auditors gained the ability to query historical data for trend analysis and compliance evidence.
The client’s security team was able to layer BI tools such as Power BI on top for dashboards and leadership insights. The solution replaced the need for expensive reporting licenses with a scalable in-house capability.
Operational Impact
The solution helped the client avoid spending additional money on reporting tools and saved 100s of hours manually tracking how the browser extensions were used.
Cost Avoidance
Eliminated the need for expensive per-device licensing from a third-party reporting tool.
Delivered an enterprise-scale reporting solution with zero additional licensing cost.
Time Saved
Completely removed the need for manual workstation-level checks.
Browser extension data became accurate, centralized, and updated daily so no one had to chase any documentation or statuses.
A lot of time is saved after eliminating the human error inherent in manual export and spreadsheet workflows.
Visibility & Compliance
Provided leadership with clear, evidence-based visibility into extension compliance across 50,000+ devices.
Our solution enabled rapid and consistent responses to audit and regulatory requirements.
Business Outcomes
The most profound outcome the solution helped in was achieving regulatory compliance without incurring additional reporting software licensing costs. Additionally, the client obtained several benefits like:
A scalable reporting foundation capable of supporting 50,000+ endpoints with minimal operational overhead.
Audit readiness with consistent, queryable, and historically tracked data.
The solution helped free security engineers focus on higher-value strategic work instead of manual data collection.
Provided leadership with actionable insights into browser extension risk and usage trends.
