PCI DSS Compliance Software | AlienVault

PCI DSS Compliance

Get compliance-ready faster with AlienVault Unified Security Management (USM). It combines the essential security capabilities you need to demonstrate PCI DSS 3.2 compliance in your on-premises and cloud environments.

Watch a 90-Second Demo

Pass Your Next PCI Audit with Unified Security Essentials

PCI compliance software is a must-have for any organization that handles credit card data or other types of payment card data. Failure to comply can result in PCI DSS penalties and fines imposed daily, and a data breach resulting from non-compliance could cost millions in settlements, legal fees, and loss of reputation.

Yet, many IT security teams struggle to meet the many security technology requirements defined by PCI DSS 3.2. It doesn’t help that organizations are often racing to get ready for their next, fast approaching PCI audit.

AlienVault® Unified Security Management™ (USM™) addresses the major headaches caused by PCI DSS compliance: the cost and complexity of deploying multiple security point solutions, the urgency to implement these tools to get audit-ready, and the challenge of validating compliance in front of the PCI assessor.

Unlike other PCI compliance software, USM combines multiple essential security technologies needed to demonstrate compliance, all on one affordable and easy-to-use solution. You can fully deploy USM for your on-premises, AWS cloud, or Azure cloud PCI environments in just 1 – 2 days, so you can achieve PCI DSS compliance faster and ensure continuous security and compliance monitoring year-round.

AlienVault USM delivers essential unified security capabilities that help you to pass your next PCI audit. USM features –

A PCI Compliance Checklist of Essential Security Capabilities in One Solution

  • Asset Discovery and Inventory
  • Vulnerability Assessment
  • Intrusion Detection (IDS)
  • File Integrity Monitoring (FIM)
  • SIEM Event Correlation
  • Log Management & Monitoring

Support for Even the Most Challenging PCI DSS Requirements

  • PCI Requirement 10: Logging and Reporting
  • PCI Requirement 11: Vulnerability Assessment
  • PCI Requirement 12: Incident Response Planning

A Faster, More Affordable Approach to PCI Compliance than Point Security Solutions

  • Compare USM to Point Security Solutions
  • Discover which PCI Requirements You Can Simplify with a Unified Approach to Compliance
Reviews of AlienVault Unified Security Management™ on  Software Reviews on TrustRadius

A PCI Compliance Checklist of Essential Security Capabilities in One Solution

Discover how many security technologies and functions USM checks off your PCI Compliance Checklist –

Asset Discovery & Inventory

PCI DSS requires you to identify all systems that are in scope of your cardholder data environment (CDE). USM automatically discovers and inventories all your critical on-premises and cloud assets. You can define custom PCI asset groups that you can use to run scans and reports.

Learn more about PCI DSS Network Segmentation >

Vulnerability Assessment

PCI Requirement 11 mandates that you test security systems and processes, and internal vulnerability scanning is a key part of that. USM provides internal PCI compliance scan capabilities, so you can readily detect vulnerabilities as part of your compliance and security program.

Learn more about PCI DSS Internal Vulnerability Scanning >

Intrusion Detection

Another PCI requirement is to implement an intrusion detection system (IDS) to monitor traffic at the perimeter of your CDE and at critical points within the CDE. USM takes a multi-layered approach to intrusion detection, providing out of the box network intrusion detection (NIDS), host intrusion detection (HIDS), and cloud intrusion detection.

Learn more about Intrusion Detection in USM >

File Integrity Monitoring

PCI DSS requirements 10.5.5 and 11.5 state you must install file integrity monitoring software to pass your audit. That’s because changes on critical servers often signal a breach. USM includes file integrity monitoring software (FIM) as part of the unified platform.

Learn more about PCI DSS File Integrity Monitoring >

SIEM Event Correlation

SIEM event correlation in USM captures all user activities on critical systems, as well as collection and correlation of valid and invalid authentication attempts, so you always know who is trying to access your CDE.

Learn more about SIEM Event Correlation in USM >

Log Management & Monitoring

Log management, monitoring, and retention are pillars of USM. USM collects, parses, and analyzes log data from your PCI systems, alerting you to any threats facing your environment and helping you to demonstrate compliance of PCI Requirement 10.

Learn more about PCI DSS Log Monitoring & Management >

Learn more about PCI DSS Log Retention >

Support for Even the Most Challenging PCI DSS Requirements

Logging and Reporting: PCI DSS Requirement 10

AlienVault USM helps you collect and protect your log records, as well as prove that you’ve done so.

PCI Requirements 10.1 - 10.4 deal with collecting audit logs, tracking access to cardholder data, and actions taken by admins, as well as failed logins, establishing audit trails, and tracking manipulation of the audit trail.

USM collects log data from your applications, systems, devices, and cloud accounts. The data is parsed and immediately available to search on and run reports to evaluate what actions individual users are taking in your CDE. USM timestamps the data, which addresses section 10.4.

Requirement 10.5 requires that audit trails be secured so they cannot be altered.

USM Appliance™ digitally signs all raw logs. USM Anywhere™ supports a “write once, read many” (WORM) approach to prevent log data from being modified once they’re written to cold storage.

Requirement 10.7 mandates that you retain audit history for at least one year, with a minimum of three months immediately available for analysis.

USM Appliance provides the ability for both online and offline storage. You can create automated back-ups for offline storage and restoration of events via the web console. This provides the flexibility for long-term log retention even in high-volume environments.

USM Anywhere stores data online for 90 days, so you can easily search and report on it per PCI compliance needs. USM Anywhere provides 12 months of cold storage with the ability to extend your long-term storage capacity.

Vulnerability Assessment: PCI DSS Requirement 11

Out of the box, USM provides vulnerability assessment that enables you to find and fix weak spots in your cloud and on-premises environments. Together, USM’s asset discovery and vulnerability scanning tools simplify security visibility by unifying the data gathered in asset and vulnerability scans with known vulnerability information. Built-in file integrity monitoring alerts users to changes to critical files that may indicate a breach.

Incident Response Planning: PCI DSS Requirement 12

When an incident happens, make sure the correct response actions happen and that the right people get notified quickly and efficiently. USM provides the alerting and notifications you need to stay informed of your security posture 24 x 7 as well as all the relevant security data you need in one location to respond quickly and to mitigate the potential damage of a breach.

In USM Anywhere, you gain advanced security orchestration and automated incident response capabilities as a first line of defense. When an incident occurs, orchestration rules can be automatically triggered to take some action to gather additional data to help expedite your investigation and response activities.

A Faster, More Affordable Approach to PCI Compliance than Point Security Solutions

Which PCI requirements can you simplify with USM? The table below illustrates the difference between attempting to do this with point solutions vs. the combined power of USM.

 PCI DSS 3.2 Requirement AlienVault USMIntrusion DetectionMonitoringSIEMVulnerability Management
PCI DSS 3.2 Requirement:
1. Install and Maintain a Firewall Configuration to Protect Cardholder Data
1.2AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
1.3AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
See How AlienVault Fulfills Requirement 1
PCI DSS Requirements
Benefits You Gain
PCI DSS Requirements: 1.2, 1.3
Benefits You Gain:
  • In USM Appliance, unified and correlated Netflow analysis and firewall logs delivers “single pane of glass” visibility into access to cardholder-related data and all cardholder data flows across systems and networks.
  • In USM Appliance, built-in asset discovery provides a dynamic asset inventory and topology diagrams. Cardholder-related resources can be identified and monitored for unusual activity.
  • In USM, accurate and automated asset inventory combined with relevant security events accelerate incident response efforts and analysis.
PCI DSS 3.2 Requirement:
2. Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters
2.1AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
2.2AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
2.3AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
2.4AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
See How AlienVault Fulfills Requirement 2
PCI DSS Requirements
Benefits You Gain
PCI DSS Requirements: 2.1, 2.2, 2.3, 2.4
Benefits You Gain:
  • Built-in, automated vulnerability assessment identifies the use of weak and default passwords.
  • Built-in host-based intrusion detection and file integrity monitoring will signal when password files and other critical system files have been modified.
  • Automated asset inventory enumerates all of your PCI in-scope assets.
PCI DSS 3.2 Requirement:
3. Protects Stored Cardholder Data
3.6.7AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
See How AlienVault Fulfills Requirement 3
PCI DSS Requirements
Benefits You Gain
PCI DSS Requirements: 3.6.7
Benefits You Gain:
  • Unified log review and analysis, with triggered alerts for high risk systems (containing credit cardholder data).
  • Built-in host-based intrusion detection and file integrity monitoring detect and alarm on changes to cryptographic keys.
  • In USM Appliance, unified NetFlow analysis and event correlation monitors traffic and issues alerts on unencrypted traffic to/from cardholder-related resources.
PCI DSS 3.2 Requirement:
4. Encrypt Transmission of Cardholder Data Across Open, Public Networks
4.1AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
4.1.1AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
See How AlienVault Fulfills Requirement 4
PCI DSS Requirements
Benefits You Gain
PCI DSS Requirements: 4.1
Benefits You Gain:
  • Unified Netflow analysis and event correlation monitors traffic and issues alerts on unencrypted traffic to/from cardholder-related resources.
PCI DSS 3.2 Requirement:
5. Protect All Systems Against Malware and Regularly Update Anti-Virus Software or Programs
5.1AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
5.2AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
5.3AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
See How AlienVault Fulfills Requirement 5
PCI DSS Requirements
Benefits You Gain
PCI DSS Requirements: 5.1, 5.2, 5.3
Benefits You Gain:
  • Built-in host-based intrusion detection provides an extra layer of defense against zero day threats (before anti-virus updates are issued).
  • Unified log management provides an audit trail of anti-virus software use by collecting log data from anti-virus software.
  • Built-in network intrusion detection identifies and alerts on malware infections in the credit cardholder data environment.
  • Integrated vulnerability assessment discovers non-compliant endpoints without active anti-virus installed.
PCI DSS 3.2 Requirement:
6. Develop and Maintain Secure Systems and Applications
6.1AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
6.2AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
6.3AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
6.4AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
6.5AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
6.6AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
See How AlienVault Fulfills Requirement 6
PCI DSS Requirements
Benefits You Gain
PCI DSS Requirements: 6.1, 6.2, 6.3, 6.4, 6.5, 6.6
Benefits You Gain:
  • Built-in and consolidated asset inventory, vulnerability assessment, threat detection and event correlation provides a unified view of an organization’s security posture and critical system configuration.
  • Built-in vulnerability assessment checks for a variety of well-known security exploits (i.e., SQL injection).
PCI DSS 3.2 Requirement:
7. Restrict Access to Cardholder Data by Business Need to Know
7.1AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
7.2AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
See How AlienVault Fulfills Requirement 7
PCI DSS Requirements
Benefits You Gain
PCI DSS Requirements: 7.1, 7.2
Benefits You Gain:
  • Automated event correlation identifies unauthorized access to systems with credit cardholder data.
PCI DSS 3.2 Requirement:
8. Identify and Authenticate Access to System Components
8.1AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
8.2AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
8.4AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
8.5AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
8.6AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
See How AlienVault Fulfills Requirement 8
PCI DSS Requirements
Benefits You Gain
PCI DSS Requirements: 8.1, 8.2, 8.4, 8.5, 8.6
Benefits You Gain:
  • Built-in log management captures all user account creation activities and can also identify unencrypted passwords on critical systems, as well as collection and correlation of valid and invalid authentication attempts on critical devices.
  • Integrated vulnerability scanning validates password complexity requirements
  • Built-in host-based intrusion detection alerts on unauthorized attempts to access cardholder data
PCI DSS 3.2 Requirement:
10. Track and Monitor Access to All Network Resources and Cardholder Data
10.1AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
10.2AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
10.3AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
10.4AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
10.5AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
10.6AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
10.7AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
See How AlienVault Fulfills Requirement 10
PCI DSS Requirements
Benefits You Gain
PCI DSS Requirements: 10.1, 10.2, 10.3, 10.4, 10.5, 10.6, 10.7
Benefits You Gain:
  • Built-in log management captures all user account creation activities and can also identify unencrypted passwords on critical systems, as well as collection and correlation of valid and invalid authentication attempts on critical devices.
  • Integrated vulnerability scanning validates password complexity requirements
  • Built-in host-based intrusion detection alerts on unauthorized attempts to access cardholder data
PCI DSS 3.2 Requirement:
11. Regularly Test Security Systems and Processes
11.1AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
11.2AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
11.3AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
11.4AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
11.5AlienVault USM Intrusion Detection Monitoring SIEM Vulnerability Management 
See How AlienVault Fulfills Requirement 11
PCI DSS Requirements
Benefits You Gain
PCI DSS Requirements: 11.1, 11.2, 11.3, 11.4, 11.5
Benefits You Gain:
  • Built-in vulnerability assessment streamlines the scanning and remediation process – one console to manage it all.
  • Built-in host-based intrusion detection identifies the attachment of USB devices including WLAN cards.
  • Unified vulnerability assessment, intrusion detection, and event correlation provides full situational awareness in order to reliably test security systems and processes.
  • Built-in file integrity monitoring alerts on unauthorized modification of system files, configuration files, or content.
Watch a Demo ›
GET PRICE FREE TRIAL CHAT