Case Study: Wyndham Worldwide achieves a 50% reduction in risk score with Rapid7

Wyndham Hotels Slices Its Risk Score In Half With the Rapid7 Platform

Wyndham Hotels & Resorts, the world’s largest hotel franchising company with roughly 9,100 properties and 100M+ Wyndham Rewards members, faced a large attack surface across a sprawling public website, 150+ business applications, and a largely remote corporate workforce. Those distributed endpoints and numerous apps created visibility gaps and slow, spreadsheet-driven vulnerability workflows that made timely detection and remediation difficult.

Wyndham consolidated security on the Rapid7 platform—InsightAppSec, InsightIDR, and InsightVM—using agent-driven data, DAST scans, and unified dashboards to replace spreadsheets, prioritize patching, and integrate with existing tools. The platform enabled faster, coordinated response (including full Log4j remediation within 30 days) and drove measurable improvement: a 50% reduction in Wyndham’s Rapid7 Real Risk Score overall, with some teams reducing risk by as much as 80%.

Wyndham Worldwide

Joseph Gothelf

Vice President for Cybersecurity