PCI Compliance

Tenable Network Security Validated for PCI DSS 3.0 for VMware

by Manish Patel
June 10, 2014

Today, we announced that all Tenable solutions have been validated by Coalfire for use in VMware environments for Payment Card Industry Data Security Standard (PCI DSS) version 3.0, the latest version of the standard. 

 You may be wondering – Well, what does it mean to me?

Five 'Truths' About PCI Compliance and Cybersecurity

by Jeffrey Man
April 28, 2014

Posted originally on Wired, InnovationInsights blog

In my last blog, I dispelled three common misconceptions about the Payment Card Industry (PCI) Data Security Standard. And to lend further insight about PCI — especially with regard to its impact upon your cybersecurity assurance — I’d like to share five "truths" that you must know about your approach to cybersecurity and PCI compliance:

Nessus Perimeter Service Wins Global Excellence Award for PCI Compliance

by Jeffrey Man
March 7, 2014

Tenable Network Security was recognized at the 10th Annual Info Security Industry’s Global Excellence Awards dinner held last week in San Francisco. Nessus®/ Nessus Perimeter Service™ received a Global Excellence Award in the PCI Compliance Category. The Info Security Products Guide recognizes that over two-thirds of all PCI-Certified Approved Scanning Vendors (ASV) use Nessus, making Nessus the preferred vulnerability scanning solution for those companies that provide compliance validation services.

Tenable Launches “Straight Talk About PCI” Discussion Forum

by Jeffrey Man
December 19, 2013

Have you ever tried to navigate the PCI website and gotten lost and confused?

Are you part of the 99% of companies that must traverse the PCI Compliance landscape as part of the “Self-Assessment” or “do-it-yourself” crowd?

Have you been overwhelmed by vendor claims of “PCI made easy” or “PCI Compliance in 10 minutes” or “PCI in a Box”?

Does it bother you that the answers to your questions are often tied to the product/solution the vendor is selling?

What's Wrong with P2PE

by Jeffrey Man
October 31, 2013

The Payment Card Industry Security Standards Council announced at the European Community Meeting in Nice, France the first validated Point-to-Point Encryption (P2PE) solution. The P2PE application/solution validation programs were first introduced by the PCI SSC over two years ago, so while some might say “it’s about time a solution was validated” it at least appears that the P2PE validation program is quite challenging and complex. European Payment Services (EPS), being the first company to have a solution listed, should be commended.