What's new in Cogent: Multi-tier system ownership. Read about it here
Large Hospitality Brand Automates PCI Compliance with Cogent
How one of the world's largest hotels replaced days of manual reporting with real-time dashboards and cut zero-day response time from days to minutes.
40 hours
per month reclaimed from manual PCI reporting
90%
reduction in vulnerability noise requiring action
30 min
response to zero-day vulnerabilities
The Customer
Operating one of the largest hotels in the world, this hospitality brand runs 24/7 casino and hotel operations across gaming, corporate, and guest systems. The environment creates a massive, constantly changing attack surface. As a merchant handling cardholder data, the company must meet PCI-DSS requirements with documented evidence of timely remediation, risk ranking, and cross-functional accountability.
"Cogent became our PCI source of truth. We went from spreadsheet chaos and reactive fire drills to a system where executive questions get answered in real time."
CISO
Large Hospitality Brand
The Challenge
PCI reporting consumed days of manual work every two weeks. A vulnerability management engineer would pull data from scanners, build Excel pivots, run VLOOKUP formulas to match findings to owners, cross-reference CMDB tags, and assemble slide decks showing Critical and High vulnerabilities by business unit. The final deck often lagged the actual state of the environment. By the time leadership reviewed it, priorities had already shifted.
The CMDB could not keep pace with the environment. Inconsistent naming conventions meant tickets bounced back when the system could not match an asset to an owner. Security had to chase down the right team manually, which delayed fixes and blurred accountability. For shared infrastructure used by multiple groups, ownership was especially unclear.
SLA tracking existed in theory but was hard to enforce in practice. Leadership wanted a portfolio view of what was out of SLA, which teams were meeting deadlines, and where risk was accumulating. Instead, they got static snapshots pieced together from disconnected tools. Escalations happened reactively when someone noticed a critical issue sitting untouched.
"In meetings, I used to say 'I'll get back to you on that' and spend hours in BI tools and Excel. Now I ask Cogent in plain language and generate charts in seconds. Executive questions get answered in real time, not days later."
Vulnerability Management Engineer
Major Hospitality Brand
The Solution
The hospitality brand deployed Cogent as the execution layer on top of their existing security stack. Cogent connected to scanners, CMDB, EDR, and cloud tools, then de-duplicated findings, reconciled asset ownership, and computed SLA timelines automatically.
Cogent consolidated disparate data into a single source of truth. Instead of manually matching assets to owners across systems, Cogent inferred ownership from tags, metadata, and login activity. Business units (gaming, hotel, marketing) could now see their exposure in real time without waiting for someone to compile it.
The team built a live PCI dashboard with Cogent's visualization agent. The dashboard replaced static decks with an auto-updating view of PCI scope, SLA health, and risk acceptance across business units. Drill-down tables showed aging, severity, and ownership at the asset level. Exports were audit-ready without manual cleanup.
The Results
The hospitality brand now operates a vulnerability management program that keeps pace with a 24/7 casino and hotel environment. Reporting that used to take days happens in seconds. Zero-day response that used to take days happens in minutes.
The biweekly PCI deck that consumed 40+ hours per month of manual Excel work now auto-generates from live dashboards. Analysts spend time driving remediation instead of assembling slides. Executive questions get answered during the meeting instead of days later.
Cogent's AI agents handle the investigation work that used to consume hours. When a zero-day vulnerability hit in October 2025, Cogent pulled evidence across tools, identified affected systems, validated exposure, and proposed a remediation plan with draft scripts. What would have taken days of research and coordination happened in minutes.
"We replaced days of manual coordination with a system that answers the hard questions instantly. Cogent handles the detective work so we can focus on fixing what matters."
Vulnerability Management Engineer
Major Hospitality Brand
