Payment Card Industry – Data Security Standards (PCI-DSS) Compliance Reports
August 17, 2023You need to observe the PCI-DSS (Payment Card Industry – Data Security Standards) guidelines if your organization store, transmit or process customer credit card data.
EventLog Analyzer ensures compliance of Payment Card Industry Data Security Standard (PCI- DSS) Requirement 10. This section mandates payment service providers and merchants to track and report on all access to their network resources and cardholder data through system activity logs. When something goes wrong in the network, the presence of logs in networked environment allows forensic analysis to pin-point the exact cause. Without system activity logs it would be difficult to determine the cause of a compromise.
PCI-DSS requirements 10.1 & 10.2.2 – User Access
- Individual User Action
PCI-DSS requirements 10.2.1 & 10.2.3 – Logon
- Successful User Logons
- Successful User Logoffs
- Unsuccessful User Logons
- Terminal Service Session
PCI-DSS requirements 10.2.3 – Policy Changes
- User Policy Changes
- Domain Policy Changes
- Audit Policy Changes
PCI-DSS requirements 10.2.6 – System Events
- System Logs
- Audit Logs Cleared
PCI-DSS requirements 10.2.7 – Object Access
- Object Accessed
- Object Created
- Object Modified
- Object Deleted
- Object Handle