PCI DSS 3.2 Requirement 3: Protect Stored Cardholder Data

Applies to Product:

USM Appliance™

LevelBlue OSSIM^®

Testing Procedure	How USM Appliance Delivers	USM Appliance Instructions	USM Appliance Documentation
3.4.b Examine several tables or files from a sample of data repositories to verify the PAN (Primary Account Number) is rendered unreadable (that is, not stored in plain-text).	AlienVault NIDS is capable of detecting PAN in NIDS traffic in plaintext, and alerts on it.	Existing correlation directives will generate alarms on credit card information detected in clear text.	Event Correlation
		To verify that credit card data is not being stored in plain text, create a Security Events View with the search on Event Name containing "Credit Card". And then export the view as report module and run the report.	Create Custom Reports from SIEM Events or Raw Logs
3.4.d Examine a sample of audit logs, including payment application logs, to confirm that PAN is rendered unreadable or is not present in the logs.	AlienVault NIDS is capable of detecting PAN in NIDS traffic in plaintext, and alerts on it. If a PAN is detected, it is recorded in plaintext in multiple places. It is not automatically removed or otherwise encoded. Manual removal of PAN from logs and DB is required.	Existing correlation directives will generate alarms on credit card information detected in clear text.	Event Correlation
		To verify that credit card data is not being stored in plain text, create a Security Events View with the search on Event Name containing "Credit Card". And then export the view as report module and run the report.	Create Custom Reports from SIEM Events or Raw Logs

Feedback

Questions or comments on this page's content? Let us know.

Feedback

Feedback

We have received your feedback. Thank you.