PCI DSS

PCI DSS 3.0 Compliance

Accelerate PCI DSS Compliance & Security with AlienVault Unified Security Management

Satisfy the most challenging requirements in a matter of a few days, not weeks or months. AlienVault gives you all of the tools you need in one place, so you can save significant time and money in achieving PCI DSS compliance and improving the security of your network.

Must-Have Security Technologies for PCI DSS Compliance

All in a Single Pane of Glass

See How You Can Achieve PCI DSS Compliance Faster:

AlienVault is Trusted by Thousands of Customers.

Subaru Nasdaq
Focus Brands Credit Karma
Abel & Cole airwatch Braves
American Express Massage Envy MMG Insurance Caribou Coffee
National Bank of Commerce Sena Ziosk
Pepco Holdings, Inc

Prove Compliance for Even the Most
Challenging Requirements

Logging and Reporting: PCI DSS Requirement 10

AlienVault USM helps you collect and protect your log records, as well as prove you’ve done so.

10.1 - 10.4 deals with collecting audit logs, tracking access to cardholder data, actions taken by admins, failed logins, and manipulation of the audit trail. AlienVault USM provides the ability for each event logged in the system to be attributed to a particular user. This provides forensic storage of events for later audit. For highly sensitive components the AlienVault host-based agent can be used in order to provide full visibility into all actions taken on particular machines. Specific to section 4 (10.4), we timestamp our audit logs.

10.5 requires that audit trails be secured so they cannot be altered. AlienVault provides full role-based access control for access to audit trails and event logs. An additional separate audit log provides a record of modifications to the event log. All entries are time stamped and hashed to identify attempts of tampering.

10.7 mandates that you retain audit history for at least one year, with a minimum of three months immediately available for analysis. AlienVault provides the ability for both online and offline storage. Through the user interface, automated back-ups can be created to allow for offline storage and restoration of events. This provides the flexibility for long-term log retention even in high-volume environments.

Vulnerability Assessment: PCI DSS Requirement 11

Out of the box, AlienVault USM provides vulnerability assessment that allows you to identify and assess weaknesses in your environment. Our wireless IDS will also pick up any unauthorized wireless devices and allow you to deal with them in real-time. USM’s asset management and vulnerability scanning identifies any discovered vulnerabilities and correlates the data gathered by its asset discovery scans with known vulnerability information for improved accuracy. Built-in file integrity monitoring alerts users to changes to critical files but can also be customized to monitor any file set.

Incident Response Planning: PCI DSS Requirement 12

Make sure the right people get notified to take action in the case of an incident. USM provides the alerting you need, down to the level of texting security professionals in real time as incidents occur. With USM, you get 24X7 coverage.

Read a
Sample Report

Learn More About PCI DSS Compliance:

Browse all Resources

Compare AlienVault for PCI Compliance
to the Point Product Approach

Which PCI requirements can you simplify with USM? The table below illustrates the difference
between attempting to do this with point solutions vs. the combined power of USM.

Free Trial

  PCI DSS 3.0 Requirement   AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management
1 Install and Maintain a Firewall Configuration to Protect Cardholder Data 1.1 yes yes yes yes yes
1.1.2 yes   yes    
1.1.3 yes   yes    
1.1.5 yes   yes    
1.1.6 yes   yes    
1.2 yes   yes yes yes
1.3 yes   yes yes  
See How AlienVault Fulfills Requirement 1
PCI DSS Requirements Integrated USM Capabilities Benefits You Gain
1.1, 1.2, 1.3
  • NetFlow analysis
  • System availability monitoring
  • SIEM
  • Asset discovery
  • Unified and correlated Netflow analysis and firewall logs delivers “single pane of glass” visibility into access to cardholder-related data and all cardholder data flows across systems and networks.
  • Built-in asset discovery provides a dynamic asset inventory and topology diagrams. Cardholder-related resources can be identified and monitored for unusual activity.
  • Accurate and automated asset inventory combined with relevant security events accelerate incident response efforts and analysis.
2 Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters 2.1 yes       yes
2.2 yes yes yes   yes
2.3 yes     yes yes
2.4 yes   yes    
See How AlienVault Fulfills Requirement 2
PCI DSS Requirements Integrated USM Capabilities Benefits You Gain
2.1, 2.2, 2.3, 2.4
  • Network intrusion detection (IDS)
  • Vulnerability assessment
  • Host-based intrusion detection (HIDS)
  • Asset discovery and inventory
  • Built-in, automated vulnerability assessment identifies the use of weak and default passwords.
  • Built-in host-based intrusion detection and file integrity monitoring will signal when password files and other critical system files have been modified.
  • Automated asset inventory enumerates all of your PCI in scope assets.
3 Protects Stored Cardholder Data 3.6.7 yes     yes  
See How AlienVault Fulfills Requirement 3
PCI DSS Requirements Integrated USM Capabilities Benefits You Gain
3.6.7
  • Log management
  • Host-based intrusion detection (HIDS)
  • File integrity monitoring
  • NetFlow analysis
  • SIEM
  • Unified log review and analysis, with triggered alerts for high risk systems (containing credit cardholder data).
  • Built-in host-based intrusion detection and file integrity
 monitoring detect and alarm on changes to cryptographic keys.
  • Unified NetFlow analysis and event correlation monitors 
traffic and issues alerts on unencrypted traffic to/from cardholder-related resources.
4 Encrypt Transmission of Cardholder Data Across Open, Public Networks 4.1 yes     yes yes
4.1.1 yes     yes  
See How AlienVault Fulfills Requirement 4
PCI DSS Requirements Integrated USM Capabilities Benefits You Gain
4.1
  • NetFlow analysis
  • Behavioral monitoring
  • Wireless IDS
  • SIEM
  • Unified Netflow analysis and event correlation monitors traffic and issues alerts on unencrypted traffic to/from cardholder-related resources.
  • Built-in wireless IDS monitors encryption strength and identifies unauthorized access attempts to critical infrastructure.
5 Protect All Systems Against Malware and Regularly Update Anti-Virus Software or Programs 5.1 yes   yes   yes
5.1.2 yes   yes   yes
5.2 yes     yes yes
5.3 yes   yes   yes
See How AlienVault Fulfills Requirement 5
PCI DSS Requirements Integrated USM Capabilities Benefits You Gain
5.1, 5.2, 5.3
  • Host-based intrusion detection (HIDS)
  • Network intrusion detection (IDS)
  • Log management
  • Vulnerability assessment
  • Built-in host-based intrusion detection provides an extra layer of defense against zero day threats (before an anti- virus update can be issued).
  • Unified log management provides an audit trail of anti- virus software use by collecting log data from anti-virus software.
  • Built-in network intrusion detection identifies and alerts on malware infections in the credit cardholder data environment.
  • Integrated vulnerability assessment discovers non-compliant endpoints without active anti-virus installed.
6 Develop and Maintain Secure Systems and Applications 6.1 yes     yes yes
6.2 yes yes     yes
6.3 yes     yes yes
6.3.2 yes   yes    
6.4 yes       yes
6.5 yes     yes  
See How AlienVault Fulfills Requirement 6
PCI DSS Requirements Integrated USM Capabilities Benefits You Gain
6.1, 6.2, 6.3, 6.4, 6.5
  • Asset discovery
  • Vulnerability assessment
  • Network intrusion detection (IDS)
  • SIEM
  • Built-in and consolidated asset inventory, vulnerability assessment, threat detection and event correlation provides a unified view of an organization’s security posture and critical system configuration.
  • Built-in vulnerability assessment checks for a variety of well-known security exploits (i.e., SQL injection).
7 Restrict Access to Cardholder Data by Business Need to Know 7.1 yes   yes yes  
7.2 yes       yes
See How AlienVault Fulfills Requirement 7
PCI DSS Requirements Integrated USM Capabilities Benefits You Gain
7.1, 7.2
  • SIEM
  • Automated event correlation identifies unauthorized access to systems with credit cardholder data.
8 Identify and Authenticate Access to System Components 8.1 yes     yes yes
8.2 yes       yes
8.4 yes       yes
8.5 yes   yes    
8.6 yes   yes    
8.7 yes yes yes yes  
See How AlienVault Fulfills Requirement 8
PCI DSS Requirements Integrated USM Capabilities Benefits You Gain
8.1, 8.2, 8.4, 8.5, 8.6, 8.7
  • Log management
  • Vulnerability assessment
  • Host-based intrusion detection (HIDS)
  • Built-in log management captures all user account creation activities and can also identify unencrypted passwords on critical systems, as well as collection and correlation of valid and invalid authentication attempts on critical devices.
  • Integrated vulnerability scanning validates password complexity requirements
  • Built-in host-based intrusion detection alerts on unauthorized attempts to access cardholder data
10 Track and Monitor Access to All Network Resources and Cardholder Data 10.1 yes yes yes   yes
10.2 yes   yes yes yes
10.3 yes yes yes yes  
10.4 yes     yes  
10.5 yes   yes yes yes
10.6 yes   yes yes yes
10.7 yes   yes yes yes
See How AlienVault Fulfills Requirement 10
PCI DSS Requirements Integrated USM Capabilities Benefits You Gain
10.1, 10.2, 10.3, 10.4, 10.5, 10.6, 10.7
  • Host-based intrusion detection (HIDS)
  • Network intrusion detection (IDS)
  • Behavioral monitoring
  • Log management
  • SIEM
  • Built-in threat detection, behavioral monitoring and event correlation signals attacks in progress—for example, unauthorized access followed by additional security exposures such as cardholder data exfiltration.
  • Built-in log management enables the collection and correlation of valid and invalid authentication attempts on critical devices.
  • Centralized, role-based access control for audit trails and event logs preserves “chain of custody” for investigations.
11 Regularly Test Security Systems and Processes 11.1 yes   yes    
11.2 yes yes     yes
11.3 yes       yes
11.4 yes yes   yes  
11.5 yes     yes  
See How AlienVault Fulfills Requirement 11
PCI DSS Requirements Integrated USM Capabilities Benefits You Gain
11.1, 11.2, 11.3, 11.4, 11.5
  • Vulnerability assessment
  • Wireless IDS
  • Host-based intrusion detection (HIDS)
  • File integrity monitoring
  • SIEM
  • Built-in vulnerability assessment streamlines the scanning and remediation process – one console to manage it all.
  • Built-in wireless IDS detects and alerts on rogue wireless access points, and weak encryption configurations.
  • Built-in host-based intrusion detection identifies the attachment of USB devices including WLAN cards.
  • Unified vulnerability assessment, threat detection, and event correlation provides full situational awareness in order to reliably test security systems and processes.
  • Built-in file integrity monitoring alerts on unauthorized modification of system files, configuration files, or content.
Free Trial Demo Get Price ChatNeed help?