Companies that handle credit card data or other types of payment card data understand the importance of PCI compliance. The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes. PCI requirements include:
Requirement 10: Track and Monitor all access to network resources and cardholder data.
Requirement 10.6: Review logs and security events for all system components to identify anomalies or suspicious activity. Note: Log harvesting, parsing, and alerting tools may be used to meet this requirement.
Many breaches occur over days or months before being detected. Regular log reviews by personnel or automated means can identify and proactively address unauthorized access to the cardholder data environment. The log review process does not have to be manual. The use of log harvesting, parsing, and alerting tools can help facilitate the process by identifying log events that need to be reviewed.
10.6.1 Review the following at least daily:
- All security events
- Logs of all system components that store, process, or transmit CHD and/or SAD
- Logs of all critical system components
- Logs of all servers and system components that perform security functions (for example, firewalls, intrusion-detection systems/intrusion prevention systems (IDS/IPS), authentication servers, e-commerce redirection servers, etc.).
10.6.2 Review logs from all other system components periodically based on the organization’s policies and risk-management strategy, as determined by the organization’s annual risk assessment.
10.6.3 Follow up exceptions and anomalies identified during the review process.
PCI DSS v3.2
By utilizing a SIEM, like AlienVault USM, or a Managed SIEM, you can eliminate the headaches caused by PCI DSS compliance. Unlike PCI compliance software, a managed SIEM like AlienVault combines multiple essential security technologies needed to demonstrate compliance, all in one affordable and easy-to-use solution. You can fully deploy USM for your on-premises, AWS cloud, or Azure cloud PCI environments in just 1 – 2 days, so you can achieve PCI DSS compliance faster and ensure continuous security and compliance monitoring year-round.
Cybriant Managed SIEM delivers essential unified security capabilities that help you to pass your next PCI audit. Our managed SIEM features:
A PCI Compliance Checklist of Essential Security Capabilities in One Solution
- Asset Discovery and Inventory
- Vulnerability Assessment
- Intrusion Detection (IDS)
- File Integrity Monitoring (FIM)
- SIEM Event Correlation
- Log Management & Monitoring
Support for Even the Most Challenging PCI DSS Requirements
- PCI Requirement 10: Logging and Reporting
- PCI Requirement 11: Vulnerability Assessment
- PCI Requirement 12: Incident Response Planning
A Faster, More Affordable Approach to PCI Compliance than Point Security Solutions