Simplify PCI DSS Compliance with AlienVault USM
Mark Allen, Technical Sales Manager
Anthony Mack, Sales Engineer
What We’ll Cover
• An overview of PCI DSS
• Common challenges in PCI DSS compliance
• Questions to ask as you plan and prepare
• Core capabilities needed to demonstrate compliance
• How to use AlienVault USM to simplify compliance
PCI DSS
• All entities that store, process or transmit payment cardholder data must maintain payment security
• 3 steps for compliance
  1. Assess
  2. Remediate
  3. Report
• Goal: Make payment security ‘business-as-usual’
PCI Compliance and Security
“In 10 years, of all companies investigated by Verizon forensics team following a breach, 0 were found to have been fully PCI compliant at the time of the breach”
Data from 2015 Verizon PCI Report
PCI DSS Version 3.1
GOALS and their PCI DSS REQUIREMENTS
Build and Maintain a Secure Network
  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
  3. Protect stored cardholder data
  4. Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
  5. Use and regularly update anti-virus software or programs
  6. Develop and maintain secure systems and applications
Implement Strong Access Control Measures
  7. Restrict access to cardholder data by business need-to-know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
Regularly Monitor and Test Networks
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
Maintain an Information Security Policy
  12. Maintain a policy that addresses information security for employees and contractors
The State of Compliance
Source: Verizon 2015 PCI Compliance Report
• 4 out of 5 organizations not fully compliant
• Only 1 in 4 organizations remained fully PCI compliant less than a year after a successful PCI validation
• Requirement 11 remains the biggest challenge for organizations
Common Challenges
• Collecting relevant data on the state of your compliance
  • Critical events
  • Configuration status
• Documenting the state of your compliance
  • Keep the auditor happy
• Maintaining compliance and making it part of “business as usual”
Questions to Ask
• Where are your in-scope assets?
  • How are they configured?
  • How are they segmented from the rest of your network?
• Who accesses these resources?
  • When, where, what can they do, and how?
• What are the vulnerabilities on these devices?
  • Apps, OS, etc.?
• What constitutes your network baseline?
  • What is considered “normal” or “acceptable”?
What functionality do I need for PCI DSS?
  1. Identify systems & applications
  2. Document vulnerable assets
  3. Find threats on your network
  4. Look for unusual behavior
  5. Correlate the data & respond
The AlienVault Unified Security Management Platform (USM)
Unified, Essential Security Controls
ASSET DISCOVERY
• Active & Passive Network Scanning
• Asset Inventory
• Software Inventory
VULNERABILITY ASSESSMENT
• Continuous Vulnerability Monitoring
• Authenticated / Unauthenticated Active Scanning
• Remediation Verification
BEHAVIORAL MONITORING
• Netflow Analysis
• Service Availability Monitoring
SIEM
• Log Management
• OTX threat data
• SIEM Event Correlation
• Incident Response
INTRUSION DETECTION
• Network IDS
• Host IDS
• File Integrity Monitoring
Actionable Threat Intelligence: Let Us do the Work!
• Automatically detect and prioritize threats through:
  • Correlation Directives
  • Network IDS Signatures
  • Host IDS Signatures
  • Asset Discovery Signatures
  • Vulnerability Assessment Signatures
  • Reporting Modules
  • Incident Response Templates
  • Data Source Plug-Ins
• Spend your time responding to threats, not researching them.
Open Threat Exchange (OTX)
• The world’s first truly open threat intelligence community
• Enables collaborative defense with actionable, community-powered threat data
  • With more than 37,000 participants in 140+ countries
  • And more than 3 million threat indicators contributed daily
• Enables security professionals to share threat data and benefit from data shared by others
• Integrated with the USM platform to alert you when known bad actors are communicating with your systems
PCI Compliance Reports in USM
Report Name: PCI DSS Requirements covered
• Admin Access to Systems: 10.1-10.2, which focus on creating an audit trail of user access to critical systems
• Firewall Configuration Changes: 1.1-1.3, which focus on firewalls and network device configuration
• Authentication with Default Credentials: 2.x, which focuses on the use of vendor-supplied default credentials
• All Antivirus Security Risk Events: 5.1-5.2, which require anti-virus scanning with an up-to-date anti-virus solution
• Database Failed Logins: 7.1-7.2, which focus on limiting access to PCI data to only those who “need to know”
…plus 25 more!
Grouping In-Scope Assets
Built-in asset discovery provides a dynamic inventory, allowing cardholder-related resources to be identified and monitored for unusual activity.
Custom dashboards focusing on key assets highlight pertinent data.
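To show concretely how a compliance report like those in the table above is produced from raw events, and how the in-scope asset grouping narrows it to the cardholder data environment, here is an added Python example written for this page (it is not USM's own report engine or plugin format). The log lines, hostnames, IP addresses and the in-scope asset set are all constructed; the three report rules mirror the slide's report-to-requirement mapping.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not real USM data): an SSH host, a firewall
# and a database server. Hostnames, users and IPs are made up for this example.
SAMPLE_LOGS = """\
Mar 03 10:01:12 pos-db01 sshd[4121]: Accepted publickey for root from 10.20.0.15 port 51022 ssh2
Mar 03 10:02:40 corp-web03 sshd[922]: Accepted password for admin from 10.50.1.9 port 40012 ssh2
Mar 03 10:05:03 edge-fw01 config: user netops committed configuration change: rule 17 modified
Mar 03 10:06:15 pos-db01 mysqld: Access denied for user 'reports'@'10.20.0.44' (using password: YES)
Mar 03 10:06:17 pos-db01 mysqld: Access denied for user 'reports'@'10.20.0.44' (using password: YES)
Mar 03 10:06:19 pos-db01 mysqld: Access denied for user 'reports'@'10.20.0.44' (using password: YES)
Mar 03 10:09:58 pos-db01 sshd[4180]: Accepted password for svc_backup from 10.20.0.15 port 51090 ssh2
"""

# Constructed in-scope asset group (the cardholder data environment). Events from
# hosts outside this set are not counted toward the PCI reports.
IN_SCOPE_ASSETS = {"pos-db01", "edge-fw01"}

# Report rules mirroring the slide's mapping: report name, requirement range,
# and the message pattern that places an event in that report.
REPORTS = [
    ("Admin Access to Systems", "10.1-10.2",
     re.compile(r"sshd\[\d+\]: Accepted \w+ for (?P<user>\S+) from (?P<src>\S+)")),
    ("Firewall Configuration Changes", "1.1-1.3",
     re.compile(r"config: user (?P<user>\S+) committed configuration change")),
    ("Database Failed Logins", "7.1-7.2",
     re.compile(r"mysqld: Access denied for user '(?P<user>[^']+)'@'(?P<src>[^']+)'")),
]

# Generic syslog header: timestamp, host, then the free-text message.
SYSLOG = re.compile(r"^(?P<ts>\w{3} \d{2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) (?P<msg>.*)$")


def parse_line(line):
    """Split one syslog line into ts/host/msg, or return None if malformed."""
    m = SYSLOG.match(line)
    return m.groupdict() if m else None


def classify(event):
    """Return (report_name, requirement, details) for the first matching rule, else None."""
    for name, req, pattern in REPORTS:
        m = pattern.search(event["msg"])
        if m:
            details = dict(m.groupdict())
            details["host"] = event["host"]
            details["ts"] = event["ts"]
            return name, req, details
    return None


def build_report(log_text, in_scope):
    """Group matched events by (report, requirement); skip out-of-scope hosts."""
    report = defaultdict(list)
    skipped = 0
    for line in log_text.splitlines():
        event = parse_line(line)
        if event is None:
            continue
        if event["host"] not in in_scope:
            skipped += 1  # not part of the CDE, so not evidence for these reports
            continue
        hit = classify(event)
        if hit:
            name, req, details = hit
            report[(name, req)].append(details)
    return dict(report), skipped


def render(report, skipped):
    """Produce the auditor-facing text: one section per report with its requirement."""
    lines = []
    for (name, req), events in sorted(report.items()):
        lines.append(f"{name} (PCI DSS {req}): {len(events)} event(s)")
        for e in events:
            lines.append(f"  {e['ts']} {e['host']} user={e.get('user', '?')} src={e.get('src', 'local')}")
    lines.append(f"Out-of-scope events ignored: {skipped}")
    return "\n".join(lines)


if __name__ == "__main__":
    rep, skipped = build_report(SAMPLE_LOGS, IN_SCOPE_ASSETS)
    print(render(rep, skipped))
```

Run against the constructed input, the report attributes two admin logins and three failed database logins to pos-db01 and one rule change to edge-fw01, while the corp-web03 login is ignored as out of scope.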
Generating Tickets For Vulnerabilities
USM’s built-in software ticketing system creates trouble tickets from vulnerability scans and alarms.
These tickets specify who owns the remediation, the status and descriptive information.
The tickets also provide a historical record of issues handled, as well as the capability to transfer tickets, assign them to others and push work to other groups.
USM can also send email to an individual or an external ticketing system, or execute a script, as a result of a discovered vulnerability.
Identifying Assets with Vendor Supplied Passwords
As stated earlier, neglecting to change the default password on ANY network device, especially anything allowing access to cardholder data, is a terrible idea and leaves a huge hole in your defenses.
USM is able to scan your assets for vulnerabilities such as allowing access via default passwords and generate reports on the findings.
This data can be crucial when verifying adherence to this practice to an auditor.
CONTACT US
888.613.6023
ALIENVAULT.COM
HELLO@ALIENVAULT.COM
Now for some questions...
Questions? Hello@AlienVault.com
Twitter: @alienvault
Download a Free 30-Day Trial of USM: http://www.alienvault.com/free-trial
Check out our 15-Day Trial of USM for AWS: https://www.alienvault.com/free-trial/usm-for-aws
Try our Interactive Demo Site: http://www.alienvault.com/live-demo-site
Join OTX: https://www.alienvault.com/open-threat-exchange