Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Solutions for PCI DSSAssess and Monitor PCI Compliance

PCI security standards impact virtually every organization involved with credit card processing, including merchants, financial institutions, point-of-sale vendors and hardware/software developers involved in processing payments. Because payment card information is one of the most appealing targets for attackers, protecting payment card transactions and cardholder data (CHD) is crucial.

Potential impact of a credit card breach:

  • Lost confidence, so customers go to other merchants
  • Legal costs, settlements and judgments
  • Diminished sales
  • Fines and penalties
  • Cost of reissuing new payment cards
  • Termination of ability to accept payment cards
  • Fraud losses
  • Lost jobs (CISO, CIO, CEO and dependent professional positions)
  • Higher subsequent costs of compliance
  • Going out of business

Maintaining compliance continues to be a challenge for organizations. Nearly half (47.5%) of the organizations assessed for interim PCI DSS compliance validation had not maintained all DSS controls.

2018 Payment Security Report, Verizon.

Benefits of The Solution

Assess
In-scope Assets

Covers virtually all in-scope assets in cardholder data environments, including servers, databases, web applications and network devices.

Streamline Compliance Documentation

Simplifies the work of documenting compliance status with out-of-box scan and reports templates.

Boost
Productivity

Accelerates security risk assessment to quickly identify and prioritize vulnerabilities and misconfigurations.

Reduce
Administration Costs

Eliminate internal hosting and administration costs with Tenable.io, hosted in the cloud.

The Tenable solution starts with a foundation of Tenable.sc or Tenable.io, and then builds on the foundation by adding Tenable.io PCI ASV and Tenable.io Web Application Scanning, as needs require.


Configuration Compliance
(PCI DSS 2.2)
Establish a process to identify security vulnerabilities and assign a risk rating to newly discovered vulnerabilities
(PCI DSS 6.1)
Ensure that all system components and software are protected from known vulnerabilities by installing vendor-supplied security patches.
(PCI DSS 6.2)
For public-facing web applications, address new threats and vulnerabilities on an ongoing basis.
(PCI DSS 6.6)
Internal Vulnerability Scanning
(PCI DSS 11.2.1)
External Vulnerability Scanning
(PCI DSS 11.2.2)

Tenable.sc(™), the on-premises Cyber Exposure platform, evaluates vulnerability and configuration data across the cardholder data environment. Prioritize security risks and provide clear insight into PCI DSS compliance.

This comprehensive PCI DSS solution provides the continuous visibility, critical context and actionable intelligence service providers and merchants need to monitor PCI technical controls, year-round.

  • Automate host activity data collection and review. Identify threats to cardholder data in near real-time.
  • Maintain compliance between assessments.
  • Measure and communicate your PCI compliance program status with all stakeholders.
Schedule a Demo Learn More

Tenable.io®, the cloud-based Cyber Exposure platform, helps protect cardholder data whether it is being captured by an ecommerce website, or stored on-premises or in the cloud.

Tenable.io and available applications address multiple PCI DSS compliance requirements to help organizations measure and manage cyber risk well beyond the assets that are in scope for PCI DSS. Tenable.io eliminates blind spots with the industry’s most comprehensive visibility into traditional and modern assets, such as cloud, mobile devices, containers and web applications.

  • Identify and prioritize vulnerabilities and misconfigurations across modern assets.
  • Integrate with ITSM solutions to streamline remediation workflows.
  • Verify that patches have remediated vulnerabilities.
Try for Free Buy Now

Tenable.io® PCI ASV, an add-on to Tenable.io®, streamlines verification of adherence with the PCI Data Security Standard 11.2.2 requirement for external vulnerability scanning.

Pre-configured scan templates and an efficient evidence/dispute resolution process lets you quickly run scans, submit attestation requests and resolve disputes.

  • Meet quarterly PCI ASV scanning requirements with minimal impact on staff resources.
  • Scan yassets when convenient for your organization, and rescan as needed to obtain a result that is ready for review.
  • Streamline the resolution process by batching disputes and reusing previously submitted dispute documentation.
Try for FreeDownload the Data Sheet

Tenable.io® Web Application Scanning delivers safe and automated vulnerability scanning for your in-scope web applications.

Tenable.io Web Application Scanning safely, accurately and automatically scans your web applications, providing deep visibility into vulnerabilities and valuable context to prioritize remediation.

  • Understand the sitemap applications layouts to identify in-scope web application
  • Scan HTML5 and single page applications, along with traditional HTML apps.
  • Enable highly automated no-touch scans for continuous protection. Easily define the frequency of automated testing.
Try for Free Buy Now

Content Needed

Solution Brief

Addressing PCI DSS with Tenable.io

Whitepaper

How to Enable Continuous PCI DSS Compliance Monitoring

Datasheet

Tenable.io PCI ASV Attestation

Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.