Today, we announced that all Tenable solutions have been validated by Coalfire for use in VMware environments for Payment Card Industry Data Security Standard (PCI DSS) version 3.0, the latest version of the standard.
You may be wondering – Well, what does it mean to me?
Any organization that transmits, processes, or stores payment card data must comply with PCI DSS 3.0 requirements by Jan 1, 2015. However, PCI guidance is written to be vendor agnostic and organizations must interpret the requirements and map these requirements to vendor solutions. Virtualization software adds further complexity to this effort.
To help organizations, VMware and Coalfire, a VMware partner and a certified Qualified Security Assessor and Payment Application QSA company, have engaged with VMware partners to analyze their solutions as integrated into the VMware Reference Architecture. The VMware Product Applicability Guide for PCI DSS v 3.0 , available on the VMware Solution Exchange, outlines the process of mapping of product capabilities to the PCI controls.
The Tenable validation by Coalfire (available on the Tenable website as the VMware Product Applicability Guide) gives companies the opportunity to take full advantage of virtualization technologies while maintaining the security controls and addressing the latest compliance validation obligations.
The Coalfire validation applies to all Tenable products including Nessus®, Nessus® Enterprise, Nessus® Enterprise Cloud, Passive Vulnerability Scanner™ (PVS), SecurityCenter™ and SecurityCenter Continuous View™.
Note: Passive Vulnerability Scanner (PVS) is now Nessus Network Monitor. To learn more about this application and its latest capabilities, visit the Nessus Network Monitor web page.