PCI DSS

PCI DSS Compliance

Accelerate Your PCI DSS Compliance & Security

Satisfy the most challenging requirements in a matter of a few days, not weeks or months. AlienVault Unified Security Management™ (USM) delivers all of the tools you need in one place, so you can save time and money in achieving PCI DSS compliance and improving the security of your network.

Watch a 90-Second Demo

Must-Have Security Technologies for PCI DSS Compliance

All in a Single Pane of Glass

See How You Can Achieve PCI DSS Compliance Faster:

Prove Compliance for Even the Most
Challenging Requirements

Logging and Reporting: PCI DSS Requirement 10

AlienVault USM™ helps you collect and protect your log records, as well as prove that you’ve done so.

Sections 10.1 - 10.4 deal with collecting audit logs, tracking access to cardholder data, actions taken by admins, and failed logins, establishing audit trails, and tracking manipulation of the audit trail. AlienVault USM provides the ability for each event logged in the system to be attributed to a particular user. This establishes an audit trail, and provides forensic storage of events for later audit. For highly sensitive components, the AlienVault host-based agent can be used in order to provide full visibility into all actions taken on particular machines. USM timestamps all audit logs, which addresses section 10.4.

Section 10.5 requires that audit trails be secured so they cannot be altered. AlienVault provides full role-based access control for access to audit trails and event logs. An additional separate audit log provides a record of modifications to the event log. All entries are time stamped and hashed to identify attempts of tampering.

Section 10.7 mandates that you retain audit history for at least one year, with a minimum of three months immediately available for analysis. AlienVault provides the ability for both online and offline storage. Through the user interface, automated back-ups can be created to allow for offline storage and restoration of events. This provides the flexibility for long-term log retention even in high-volume environments.

Vulnerability Assessment: PCI DSS Requirement 11

Out of the box, AlienVault USM provides vulnerability assessment that allows you to identify and assess weaknesses in your environment. USM’s asset management and vulnerability scanning identifies any discovered vulnerabilities and correlates the data gathered by its asset discovery scans with known vulnerability information for improved accuracy. Built-in file integrity monitoring alerts users to changes to critical files but can also be customized to monitor any file set.

Incident Response Planning: PCI DSS Requirement 12

Make sure the right people get notified to take action in the case of an incident. USM provides the alerting you need, down to the level of texting security professionals in real time as incidents occur. With USM, you get 24X7 coverage.

Read a
Sample Report

Learn More About PCI DSS Compliance:

Browse all Resources

Compare AlienVault for PCI Compliance
to the Point Product Approach

Which PCI requirements can you simplify with USM? The table below illustrates the difference
between attempting to do this with point solutions vs. the combined power of USM.

Free Trial

 PCI DSS 3.1 Requirement AlienVault USM™Intrusion DetectionMonitoringSIEMVulnerability Management
1Install and Maintain a Firewall Configuration to Protect Cardholder Data1.2yes yesyesyes
1.3yes yesyes 
See How AlienVault Fulfills Requirement 1
PCI DSS RequirementsIntegrated USM CapabilitiesBenefits You Gain
1.2, 1.3
  • NetFlow analysis
  • System availability monitoring
  • SIEM
  • Asset discovery
  • Unified and correlated Netflow analysis and firewall logs delivers “single pane of glass” visibility into access to cardholder-related data and all cardholder data flows across systems and networks.
  • Built-in asset discovery provides a dynamic asset inventory and topology diagrams. Cardholder-related resources can be identified and monitored for unusual activity.
  • Accurate and automated asset inventory combined with relevant security events accelerate incident response efforts and analysis.
2Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters2.1yes   yes
2.2yesyesyes yes
2.3yes  yesyes
2.4yes yes  
See How AlienVault Fulfills Requirement 2
PCI DSS RequirementsIntegrated USM™ CapabilitiesBenefits You Gain
2.1, 2.2, 2.3, 2.4
  • Network intrusion detection (IDS)
  • Vulnerability assessment
  • Host-based intrusion detection (HIDS)
  • Asset discovery and inventory
  • Built-in, automated vulnerability assessment identifies the use of weak and default passwords.
  • Built-in host-based intrusion detection and file integrity monitoring will signal when password files and other critical system files have been modified.
  • Automated asset inventory enumerates all of your PCI in scope assets.
3Protects Stored Cardholder Data3.6.7yes  yes 
See How AlienVault Fulfills Requirement 3
PCI DSS RequirementsIntegrated USM™ CapabilitiesBenefits You Gain
3.6.7
  • Log management
  • Host-based intrusion detection (HIDS)
  • File integrity monitoring
  • NetFlow analysis
  • SIEM
  • Unified log review and analysis, with triggered alerts for high risk systems (containing credit cardholder data).
  • Built-in host-based intrusion detection and file integrity
 monitoring detect and alarm on changes to cryptographic keys.
  • Unified NetFlow analysis and event correlation monitors 
traffic and issues alerts on unencrypted traffic to/from cardholder-related resources.
4Encrypt Transmission of Cardholder Data Across Open, Public Networks4.1yes  yesyes
4.1.1yes  yes 
See How AlienVault Fulfills Requirement 4
PCI DSS RequirementsIntegrated USM™ CapabilitiesBenefits You Gain
4.1
  • NetFlow analysis
  • Behavioral monitoring
  • Wireless IDS
  • SIEM
  • Unified Netflow analysis and event correlation monitors traffic and issues alerts on unencrypted traffic to/from cardholder-related resources.
  • Built-in wireless IDS monitors encryption strength and identifies unauthorized access attempts to critical infrastructure.
5Protect All Systems Against Malware and Regularly Update Anti-Virus Software or Programs5.1yes yes yes
5.2yes  yesyes
5.3yes yes yes
See How AlienVault Fulfills Requirement 5
PCI DSS RequirementsIntegrated USM™ CapabilitiesBenefits You Gain
5.1, 5.2, 5.3
  • Host-based intrusion detection (HIDS)
  • Network intrusion detection (IDS)
  • Log management
  • Vulnerability assessment
  • Built-in host-based intrusion detection provides an extra layer of defense against zero day threats (before an anti- virus update can be issued).
  • Unified log management provides an audit trail of anti- virus software use by collecting log data from anti-virus software.
  • Built-in network intrusion detection identifies and alerts on malware infections in the credit cardholder data environment.
  • Integrated vulnerability assessment discovers non-compliant endpoints without active anti-virus installed.
6Develop and Maintain Secure Systems and Applications6.1yes  yesyes
6.2yesyes  yes
6.3yes  yesyes
6.4yes   yes
6.5yes  yes 
6.6yes yesyes 
See How AlienVault Fulfills Requirement 6
PCI DSS RequirementsIntegrated USM™ CapabilitiesBenefits You Gain
6.1, 6.2, 6.3, 6.4, 6.5, 6.6
  • Asset discovery
  • Vulnerability assessment
  • Network intrusion detection (IDS)
  • SIEM
  • Built-in and consolidated asset inventory, vulnerability assessment, threat detection and event correlation provides a unified view of an organization’s security posture and critical system configuration.
  • Built-in vulnerability assessment checks for a variety of well-known security exploits (i.e., SQL injection).
7Restrict Access to Cardholder Data by Business Need to Know7.1yes yesyes 
7.2yes   yes
See How AlienVault Fulfills Requirement 7
PCI DSS RequirementsIntegrated USM™ CapabilitiesBenefits You Gain
7.1, 7.2
  • SIEM
  • Automated event correlation identifies unauthorized access to systems with credit cardholder data.
8Identify and Authenticate Access to System Components8.1yes  yesyes
8.2yes   yes
8.4yes   yes
8.5yes yes  
8.6yes yes  
See How AlienVault Fulfills Requirement 8
PCI DSS RequirementsIntegrated USM™ CapabilitiesBenefits You Gain
8.1, 8.2, 8.4, 8.5, 8.6
  • Log management
  • Vulnerability assessment
  • Host-based intrusion detection (HIDS)
  • Built-in log management captures all user account creation activities and can also identify unencrypted passwords on critical systems, as well as collection and correlation of valid and invalid authentication attempts on critical devices.
  • Integrated vulnerability scanning validates password complexity requirements
  • Built-in host-based intrusion detection alerts on unauthorized attempts to access cardholder data
10Track and Monitor Access to All Network Resources and Cardholder Data10.1yesyesyes yes
10.2yes yesyesyes
10.3yesyesyesyes 
10.4yes  yes 
10.5yes yesyesyes
10.6yes yesyesyes
10.7yes yesyesyes
See How AlienVault Fulfills Requirement 10
PCI DSS RequirementsIntegrated USM™ CapabilitiesBenefits You Gain
10.1, 10.2, 10.3, 10.4, 10.5, 10.6, 10.7
  • Host-based intrusion detection (HIDS)
  • Network intrusion detection (IDS)
  • Behavioral monitoring
  • Log management
  • SIEM
  • Built-in threat detection, behavioral monitoring and event correlation signals attacks in progress—for example, unauthorized access followed by additional security exposures such as cardholder data exfiltration.
  • Built-in log management enables the collection and correlation of valid and invalid authentication attempts on critical devices.
  • Centralized, role-based access control for audit trails and event logs preserves “chain of custody” for investigations.
11Regularly Test Security Systems and Processes11.1yes yes  
11.2yesyes  yes
11.3yes   yes
11.4yesyes yes 
11.5yes  yes 
See How AlienVault Fulfills Requirement 11
PCI DSS RequirementsIntegrated USM™ CapabilitiesBenefits You Gain
11.1, 11.2, 11.3, 11.4, 11.5
  • Vulnerability assessment
  • Wireless IDS
  • Host-based intrusion detection (HIDS)
  • File integrity monitoring
  • SIEM
  • Built-in vulnerability assessment streamlines the scanning and remediation process – one console to manage it all.
  • Built-in wireless IDS detects and alerts on rogue wireless access points, and weak encryption configurations.
  • Built-in host-based intrusion detection identifies the attachment of USB devices including WLAN cards.
  • Unified vulnerability assessment, threat detection, and event correlation provides full situational awareness in order to reliably test security systems and processes.
  • Built-in file integrity monitoring alerts on unauthorized modification of system files, configuration files, or content.
Get Price Free Trial Chat