Event log management & network vulnerability management for PCI DSS compliance

Thousands of events are generated by operating systems, applications, databases and devices. Keeping track of these events, or events log management, is time-consuming unless you have a solution that automatically categorizes events by severity and alerts you on critical events. Data logging is key to meeting PCI DSS requirements since logs provide audit trails of all activities in a credit card holder data environment and hence, a comprehensive log management system would provide you with the functionality you need to help you become PCI DSS compliant.

Reports accompanying the GFI PCI Suite have been designed to present information in the format specified by PCI DSS requirement 10.3. Using the GFI EventsManager reporter as part of the GFI PCI Suite, you can create or customize reports including standard reports such as:

• Access to all audit trails
• Invalid access attempts
• Initialization of audit logs
• Identification and authentication reports
• Account usage reports
• And more!

GFI EventsManager helps your organization to address the following 4 areas:

• Information system and network security: Detect intruders and security breaches
• System health monitoring: Proactively monitor your servers
• Legal and regulatory compliance: An aid to meet regulatory compliance
• Forensic investigations: A reference point when something goes wrong.

GFI LANguard Network Security Scanner is a complete network vulnerability management solution that scans your network IP by IP and proactively identifies vulnerabilities before these are exploited by malicious users. GFI LANguard N.S.S. scans the entire network, performs over 15,000 vulnerability assessments, identifies all possible security threats and provides the tools you need to remediate many of the vulnerabilities and manage missing patches. An excellent ReportPack add-on provides extensive reporting functionality and along with GFI LANguard N.S.S. makes up the essential, cost-effective solution that businesses need to safeguard their networks and gauge the effectiveness of their PCI compliance program.

Reports accompanying the GFI PCI Suite have been designed to present information in the format specified by PCI DSS requirement 10.3. Using the GFI LANguard N.S.S. reporter as part of the GFI PCI Suite, you can create or customize reports including standard reports such as:

• Anti-virus program status
• Password audit policies

GFI LANguard N.S.S. also checks that supported security applications such as anti-virus and anti-spyware software are updated with the latest definition files and are functioning correctly. For example, you can ensure that supported security applications have all key features (such as real-time scanning) enabled.