February 6, 2016

PCI DSS

Automated, continuous verification of PCI compliance

 

PCI DSS

If your organization uses systems involved in credit card transaction processing, you are subject to the PCI Data Security Standard (PCI DSS). That means you must have controls in place to validate that you have deployed applications and configurations securely.

It also means that you must detect and notify when unauthorized changes occur on critical system files and configurations.

That’s where we come in. SignaCert® Integrity™ proves PCI compliance by assessing all the systems that you deployed against approved references, automatically and continuously.

SignaCert® Integrity™ generates an audit trail that proves that you have deployed only approved and documented changes to the systems you manage. This dramatically reduces the cost and disruptions of audits.

SignaCert® Integrity™ proves PCI compliance by:

  • Verifying that systems are compliant with PCI standards
  • Detecting and alerting when unauthorized changes occur on monitored systems
  • Generating reports that demonstrate historical PCI compliance

Below are just a few examples of the PCI controls that Integrity verifies continuously.

  • Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
  • Requirement 8: Identify and authenticate access to system components
  • Requirement 10: Track and monitor all access to network resources and cardholder data
  • Requirement 11.5: Deploy a change-detection mechanism (for example, file-integrity monitoring)