PCI DSS Indicators Report

by Cody Dumont
June 19, 2013

The PCI Indicator report provides the information found when using the "PCI DSS Indicators Dashboard".

The report consists of five chapters, with individual sections containing descriptive paragraphs and tables to summarize the vulnerabilities and the affected hosts.

The "PCI DSS Compliance" chapter includes six sections that provide a vulnerability summary table and a host summary table for the systems impacting your PCI DSS status. The plugins identify systems that are known to have failed a PCI DSS scan or for which no passing PCI DSS scan has been found.

The "PCI DSS Status Per Host" chapter displays systems with PCI scan results older than 7 days or 30 days.

The "Web Vulnerabilities" chapter reports on a variety of plugins supporting PCI DSS compliance, including the presence of generic web vulnerabilities, exploitable web services, web application testing results from Nessus, cross-site scripting and SQL injection. Any matching vulnerabilities are listed within the respective tables.

The "SSL Security Audits" chapter displays a wide variety of SSL encryption tests performed by Nessus. A majority of these will cause your PCI DSS scans to fail certification. These indicators cover weak cryptography, certificates known to have been compromised, and vulnerabilities directly associated with SSL.

The "PCI Configuration Issues" chapter itemizes specific configuration audits performed by Nessus via one of the many PCI audit policies available on Tenable's Support Portal. The results are categorized by PCI sections 1 through 12, and any non-compliant system settings are listed in the respective table.