VMware Product Applicability Guide for PCI DSS
All organizations that transmit, process, or store payment card data must comply with PCI DSS 3.0 requirements by Jan 1, 2015.
However, PCI guidance is written to be vendor agnostic, and as a result, can be challenging to map to vendor solutions. Furthermore, virtualization software introduces complexity to validating against the compliance requirements.
To help organizations understand how a vendor’s solutions map to these requirements, Coalfire and VMware have implemented a structured program that evaluates VMware products and solutions for PCI control capabilities mapped into the VMware Reference architecture.
As a VMware partner and a certified Qualified Security Assessor and Payment Application QSA, Coalfire has validated Tenable’s solutions against the PCI DSS 3.0 standard for use in VMware environments. The following document provides details of how each Tenable solution addresses the PCI DSS 3.0 requirements.