Support
 
Support Get Quote
 
 
 
 

PCI DSS Compliance 3.2 Whitepaper

 

Meet PCI DSS log monitoring requirements with EventLog Analyzer

Meeting credit card industry security standards by attaining PCI DSS compliance is vital for the protection of cardholder data. In fact, there's a strong correlation between companies that experience a breach and noncompliance. The latest version of PCI DSS, 3.2, has 12 requirements, each with several measures that organizations must implement in order to pass the audit.

Download our PCI DSS SIEM guide to learn about the important SIEM (security information and events management) capabilities you need to pass your PCI DSS audit.

Log monitoring is a crucial aspect of PCI DSS compliance. The objective for organizations is to be in a position to identify security incidents immediately and respond before they result in a data breach. The technical measures that organizations must implement are elaborated in requirement 10, but they also appear in other requirements, such as 11.5.

Broadly speaking, organizations must ensure they have the capability to:

  • Collect logs from the network and maintain the audit trail
  • Store logs securely
  • Implement change detection and file integrity monitoring
  • Review security events at least every 24 hours
  • Investigate and respond to security incidents promptly

Apart from providing these capabilities, the log monitoring solution itself should meet data integrity requirements. The following documents give details on how EventLog Analyzer securely handles log data, system defaults, and authentication mechanisms:

Top 5 critical alerts banner

EventLog Analyzer Trusted By

Los Alamos National Bank Michigan State University
Panasonic Comcast
Oklahoma State University IBM
Accenture Bank of America
Infosys
Ernst Young

Customer Speaks

  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing, I like about the application, is the well structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank

Awards and Recognitions

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
A Single Pane of Glass for Comprehensive Log Management