PCI Compliance
Tenable for PCI Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is a comprehensive set of security standards required by major credit card companies to protect cardholder data. Every business that accepts and stores credit card data must comply with the PCI DSS.
Tenable offers a range of solutions for help you determine and validate PCI compliance and remain compliant between audits as your network changes.
PCI Vulnerability Audits with Nessus
Integrate PCI audits into your vulnerability scanning with the Nessus® vulnerability scanner. Prepare for a PCI compliance assessment using Nessus PCI audit reports. These generate simple PCI pass / fail results — making analysis of large numbers of servers or vulnerability results easy and automatic.
PCI ASV Validation with Nessus Perimeter Service
Tenable Network Security is a PCI ASV. Use Nessus Perimeter Service™ to perform unlimited PCI vulnerability scans and submit up to two scans per calendar quarter for Tenable PCI ASV validation.
Intelligent Continuous Monitoring with Tenable USM
Monitor and assess your PCI compliance continuously by combining Nessus with the other components within the Unified Security Monitoring architecture: SecurityCenter, Passive Vulnerability Scanner, and the Log Correlation Engine.
PCI Vulnerability Audits with Nessus
The PCI DSS strongly advocates analysis by a trusted third party. With Nessus, organizations can run PCI vulnerability scans to identify and correct issues well before the official audit occurs. This also helps reduce the cost of the official audit by reducing the time it takes to get the auditors the information they need.
Nessus can also identify sensitive data that may be subject to PCI compliance requirements, such as credit card numbers and Social Security numbers. Nessus can perform these searches without an agent and only requires valid credentials to scan a remote computer.
PCI ASV Validation with Nessus Perimeter Service
Tenable Network Security is a PCI ASV and is certified to validate PCI vulnerability scans of Internet-facing systems for adherence to the PCI DSS.
- Use a single solution, Nessus Perimeter Service, to perform PCI scans and submit them for quarterly PCI ASV validation.
- Submit up to 2 PCI scans per calendar quarter for validation by Tenable’s PCI-certified professionals.
- Easily generate executive, attestation, and detailed reports — offering proof of compliance needed for submission to an acquiring bank.
Intelligent Continuous Monitoring with Tenable USM
Nessus is a component of Tenable's Unified Security Monitoring (USM) platform, which also includes Tenable SecurityCenter, the Tenable Passive Vulnerability Scanner (PVS), and the Tenable Log Correlation Engine (LCE). The Tenable USM platform offers enterprises continuous monitoring and centralized intelligence for PCI compliance.
- Continuously monitor and discover new devices on the network that may create PCI exposure.
- Secure log aggregation / storage and log normalization / search for compliance monitoring and analysis.
- Identify PCI-relevant assets and limit PCI scans to those assets, reducing time and resources required for regular scans.
- Create a single view of risk exposure that includes Internet-facing web application vulnerabilities.
Read more about how the Tenable USM platform can help monitor the 12 PCI Requirements.
For more information on how the Tenable USM platform can help your organization with PCI compliance auditing, view the “Real-time PCI Compliance Monitoring” whitepaper.
Buy Nessus Perimeter Service
Scan your Internet-facing IPs and submit for quarterly PCI ASV validation
Buy Now