PCI DSS 3.2 Requirement 7: Restrict Access to Cardholder Data by Business Need to Know

Applies to Product: USM Appliance™ AlienVault OSSIM®

Testing Procedure

How USM Appliance Delivers

USM Appliance Instructions

USM Appliance Documentation

7.1 Limit access to system components and cardholder data to only those individuals whose job requires such access.

USM Appliance can collect security/access logs to provide evidence of access to system components.

Create a directive to Alert on occurrences of successful logins to restricted or limited resources, excluding authorized usernames, which will trigger immediate alarms of possible unauthorized access.

Tutorial: Create a New Directive to Detect DoS Attack