How to Simplify PCI DSS Compliance with AlienVault USM

alienvault 1,900 views 21 slides Mar 19, 2014

About This Presentation

Demonstrating compliance with PCI DSS is far from a trivial exercise. Those 12 requirements often translate into a lot of manual and labor-intensive tasks, along with the need to access data and reports from many different systems and tools. Join us for this technical demo to learn how AlienVault ca...


Slide Content

Simplify PCI DSS Compliance with AlienVault USM
Presenter: Mark Allen, Sales Engineer

What We'll Discuss
- An overview of PCI DSS
- Common challenges in PCI DSS compliance
- Questions to ask as you plan and prepare
- Core capabilities needed to demonstrate compliance
- How to use AlienVault USM to simplify compliance

PCI DSS Version 3.x
All businesses that store, process or transmit payment cardholder data must be PCI compliant.
Three steps for compliance: Assess, Remediate, Report.
Goal: make payment security "business-as-usual".

PCI Compliance and Security
"In 10 years, of all companies investigated by Verizon forensics team following a breach, 0 were found to have been fully PCI compliant at the time of the breach"
Data from 2015 Verizon PCI Report

PCI DSS Version 3.x

Poor Compliance When Breached
The requirements most often found non-compliant at breached organizations:
- #10: Track and monitor all access to network resources and cardholder data
- #7: Restrict access to cardholder data by business need to know
Source: Verizon 2014 PCI Compliance Report

Common Challenges
- Collecting relevant data on the state of your compliance: critical events, configuration status
- Documenting the state of your compliance: keep the auditor happy
- Maintaining compliance and making it part of "business as usual"

Questions to Ask
- Where are your in-scope assets, how are they configured, and how are they segmented from the rest of your network?
- Who accesses these resources (and when, where, what can they do, and how)?
- What are the vulnerabilities in your in-scope devices (apps, OS, etc.)?
- What constitutes your network baseline? What is considered "normal" or "acceptable"?

What functionality do I need for PCI DSS?
- Identify systems and applications
- Document vulnerable assets
- Find threats on your network
- Look for unusual behavior
- Correlate the data and respond

USM core capabilities:
- SIEM: log collection, event correlation, incident response
- Behavioral monitoring: NetFlow analysis, service availability monitoring
- Asset discovery: active network scanning, passive network scanning, asset inventory
- Vulnerability assessment: continuous vulnerability monitoring, authenticated / unauthenticated active scanning
- Intrusion detection: network IDS, host IDS, file integrity monitoring

OTX + AlienVault Labs: Threat Intelligence powered by Open Collaboration

PCI Compliance Reports in USM

Report Name                              | PCI DSS Requirements
Admin Access to Systems                  | 10.1-10.2, which focus on creating an audit trail of user access to critical systems
Firewall Configuration Changes           | 1.1-1.3, which focus on firewalls and network device configuration
Authentication with Default Credentials  | 2.x, which focuses on the use of vendor-supplied default credentials
All Antivirus Security Risk Events       | 5.1-5.2, which require anti-virus scanning with an up-to-date anti-virus solution
Database Failed Logins                   | 7.1-7.2, which focus on limiting access to PCI data to only those who "need to know"
...plus 25 more!

Grouping In-Scope Assets
Built-in asset discovery provides a dynamic inventory, allowing cardholder-related resources to be identified and monitored for unusual activity. Custom dashboards focusing on key assets highlight pertinent data.

Generating Tickets for Vulnerabilities
USM's built-in software ticketing system creates trouble tickets from vulnerability scans and alarms. These tickets specify who owns the remediation, the status and descriptive information. The tickets also provide a historical record of issues handled, as well as the capability to transfer tickets, assign them to others and push work to other groups. USM can also send email to an individual or an external ticketing system, or execute a script, as a result of a discovered vulnerability.

Identifying Assets with Vendor-Supplied Passwords
As stated earlier, neglecting to change the default password on ANY network device, especially anything allowing access to cardholder data, is a terrible idea and leaves a huge hole in your defenses. USM is able to scan your assets for vulnerabilities such as allowing access via default passwords and generate reports on the findings. This data can be crucial when verifying adherence to this practice to an auditor.

Now for some Q&A

Test Drive AlienVault USM
- Download a Free 30-Day Trial: http://www.alienvault.com/free-trial
- Try our Product Sandbox: http://www.alienvault.com/live-demo-site
- Watch our Product Demo: https://www.alienvault.com/marketing/alienvault-usm-live-demo