PCI DSS Compliance
Accelerate PCI DSS Compliance & Security with AlienVault Unified Security Management™
Satisfy the most challenging requirements in a matter of a few days, not weeks or months. AlienVault gives you all of the tools you need in one place, so you can save significant time and money in achieving PCI DSS compliance and improving the security of your network.
Must-Have Security Technologies for PCI DSS Compliance
All in a Single Pane of Glass
Prove Compliance for Even the Most Challenging Requirements
Logging and Reporting: PCI DSS Requirement 10
AlienVault USM™ helps you collect and protect your log records, as well as prove you’ve done so.
10.1 - 10.4 deals with collecting audit logs, tracking access to cardholder data, actions taken by admins, failed logins, and manipulation of the audit trail. AlienVault USM provides the ability for each event logged in the system to be attributed to a particular user. This provides forensic storage of events for later audit. For highly sensitive components the AlienVault host-based agent can be used in order to provide full visibility into all actions taken on particular machines. Specific to section 4 (10.4), we timestamp our audit logs.
10.5 requires that audit trails be secured so they cannot be altered. AlienVault provides full role-based access control for access to audit trails and event logs. An additional separate audit log provides a record of modifications to the event log. All entries are time stamped and hashed to identify attempts of tampering.
10.7 mandates that you retain audit history for at least one year, with a minimum of three months immediately available for analysis. AlienVault provides the ability for both online and offline storage. Through the user interface, automated back-ups can be created to allow for offline storage and restoration of events. This provides the flexibility for long-term log retention even in high-volume environments.
Vulnerability Assessment: PCI DSS Requirement 11
Out of the box, AlienVault USM™ provides vulnerability assessment that allows you to identify and assess weaknesses in your environment. USM’s asset management and vulnerability scanning identifies any discovered vulnerabilities and correlates the data gathered by its asset discovery scans with known vulnerability information for improved accuracy. Built-in file integrity monitoring alerts users to changes to critical files but can also be customized to monitor any file set.
Incident Response Planning: PCI DSS Requirement 12
Make sure the right people get notified to take action in the case of an incident. USM provides the alerting you need, down to the level of texting security professionals in real time as incidents occur. With USM, you get 24X7 coverage.
Compare AlienVault™ for PCI Compliance to the Point Product Approach
Which PCI requirements can you simplify with USM™? The table below illustrates the difference between attempting to do this with point solutions vs. the combined power of USM. Download PCI Compliance Solution Brief.