LTS Secure SOC BOX: PCI DSS Cyber Security Compliance Management

 

For organizations handling credit card data or other type of payment card data, must possesses PCI DSS compliance software. Failure in doing so, can result in fines & penalties, and in case of data breach due to non-compliance, may lead to organizations paying millions in settlement, legal fees & loss of reputation. 

Still, security teams encounter difficulties while meeting security technology required by PCI DSS 3.2. This occurs due to the difficulty to properly identify which security tools are required to achieve PCI DSS Compliance.

LTS Secure SOC BOX helps you get ready for your next PCI DSS audit by delivering everything you need in a unified, affordable & easy-to-use solution.

  • Asset Discovery & Management
  • Vulnerability Assessment & Management
  • Event Correlation
  • Threat Intelligence
  • Intrusion Detection (IDS)
  • File Integrity Monitoring (FIM)
  • PCI DSS Compliance Reporting
  • Log Management & Monitoring

The solution helps you ensure continuous security & compliance monitoring to help you achieve PCI DSS compliance faster by allowing you to centralize monitoring of all your on-premise & cloud application.

LTS Secure SOC BOX Address the Most Challenging PCI DSS Requirements:-

  • PCI Requirement 5: Protect all systems against malware
  • PCI Requirement 6: Develop and maintain secure systems and applications
  • PCI Requirement 10: Track and monitor all access to network resources and cardholder data
  • PCI Requirement 11: Run vulnerability scans at least quarterly, and after any significant change in your network
  • PCI Requirement 12: Implement an Incident Response Plan

Discover How LTS Secure SOX BOX Supports
PCI DSS Requirements

 

PCI Requirement

PCI Sections LTS SECURE SOX BOX Addresses

How LTS Secure SOC BOX Helps

1. Install and maintain a firewall configuration to protect cardholder data.

1.1, 1.2, 1.3

  • Built-in asset discovery provides a dynamically updated inventory of assets across your cardholder data environment; ensuring only authorized endpoints are deployed.
  • Capture events relating to configuration changes on firewalls and routers, including when user accounts get updated.
  • Discover unauthorized communications, such as between untrusted networks and systems within the cardholder data environment.

2. Do not use vendor-supplied defaults for system password and other security parameters.

2.1, 2.2, 2.3, 2.4, 2.6

  • Identify use of default system accounts on Windows machines.
  • File Integrity Monitoring can detect changes and access to critical system and application files, and Windows Registry entries.
  • Identify vulnerabilities such as where an application may have cryptographic algorithm vulnerability, and recommend if patches or workarounds are available.
  • Identify what services are running, and what ports are open, on systems.
  • Built-in asset discovery provides a dynamically updated inventory of what systems are operational in your environment, and what software is running on each.
  • Discover and monitor assets running on-premises and in cloud environments.

3. Protect stored cardholder data

3.6, 3.7

  • Monitor for changes to Office 365 policies, including Data Leakage Protection (DLP), information management, and more.
  • File Integrity Monitoring can detect when SSH or similar cryptographic keys are modified.
  • Unified log review and analysis, with triggered alarms for high risk systems.

4. Encrypt transmission of cardholder data across open, public networks

4.1, 4.3

  • Identify when network traffic goes to unauthorized networks.
  • Identify systems using compromised or insecure protocols that may increase their risk of being attacked.
  • Monitor for changes to Office 365 policies, including Information Management and more.

5. Protect all systems against malware and regularly update antivirus software or programs

5.1, 5.2, 5.3, 5.4

  • Identify systems susceptible to known vulnerabilities, or that may not have antivirus installed and/or operational.
  • Identify for indicators of malware-based compromise, and orchestrate manual and automated actions to isolate infected systems and block malicious domains.
  • Monitor and store events from antivirus solutions that could indicate a compromise, or attempt to disable antivirus software.
  • Monitor for changes to Office 365 policies, including Information Management and more.

6. Develop and maintain secure systems and applications

6.1, 6.2

  • Identify systems susceptible to known vulnerabilities, with systems ranked as 'high,' 'medium,' and 'low' risk vulnerabilities.
  • Identify patches or workarounds available to vulnerable systems.

7. Restrict access to cardholder data by business need to know

7.1, 7.3

  • Identify attempts to access systems using privileged accounts.
  • Identify escalation of privilege attempts.
  • Monitor for changes to Office 365 policies, including Information Management and more.

8. Identify and authenticate access to system components

8.1, 8.2, 8.5

  • Aggregate logs and events from systems, applications, and devices from across your on-premises and cloud environments.
  • Identify attempts to use retired or default user credentials.
  • Monitor and alarm on Group Policy errors.

10. Track and monitor all access to network resources and cardholder data

10.1, 10.2, 10.3, 10.4, 10.5, 10.6, 10.7, 10.8

  • Aggregate, analyze, and archive logs and events from systems, applications, and devices from across your on-premises and cloud environments.
  • Identify logon success and failures.
  • Identify privilege escalation attempts.
  • Identify where systems are out of sync with the current time and/or Domain Controller, or for non-typical traffic on port 123.
  • Identify unauthorized attempts to access or modify key logs.
  • Identify where security tools, such as antivirus and firewalls, have been disabled or have failed to start.
  • Captures all user account creation and modification activities.

11. Regularly test security systems and processes

11.1, 11.2, 11.4, 11.5, 11.6

  • Assess systems for vulnerabilities, and where found rank them as 'high', 'medium,' and 'low' risk.
  • Monitor access to and attempt to modify system and application binaries, configuration files, and log files.
  • Monitor user and administrator activities in cloud environments such as Azure and AWS, and within cloud applications such as Office 365.
  • Apply labels to alarms.
  • Generate incident tickets within the LTS Secure SIEM console.

12. Maintain a policy that addresses information security for all personnel

12.1, 12.5, 12.8

  • Monitor for changes to Office 365 policies, including Data Leakage Protection (DLP), information management, and more.
  • Monitor all administrative activities through popular authentication and authorization solutions like Azure Active Directory.
  • Monitor network traffic for violations of policy, such as communications that cross your cardholder data environment perimeters.

ABOUT US

LTS Secure offers Security Suite to rationalize, prioritize & automate response to risks in your environment. Comprehensive Cyber Security Solutions with continuous monitoring at all layers of the IT stack: network packets, flows, OS activities, content, user behaviors and application transactions