Applies to Product:

USM Appliance™

LevelBlue OSSIM®

The purpose of this topic is to assist customers in utilizing LevelBlue USM Appliance to help achieve Payment Card Industry Data Security Standards (PCI DSS) compliance.  Many businesses do not have the tools, knowledge, and resources to fulfill the requirements for PCI Compliance. USM Appliance can play a pivotal role for you by delivering the technologies necessary to achieve PCI compliance. 

The PCI DSS are a set of technical and operational requirements designed to ensure that all companies that process, store, or transmit credit card information maintain a secure environment.  Administered by the PCI Security Standards Council, the PCI standard requires validation of compliance on an annual basis.

PCI DSS compliance is a complex process, and the requirements can vary for different organizations, depending on your industry and organization size. You can use the USM Appliance platform’s unified approach and built-in essential security capabilities to accelerate and simplify your ability to assess and validate your compliance on critical PCI components. This topic explains which PCI testing procedure that USM Appliance addresses, and how you can use USM Appliance to help you achieve PCI compliance.

• PCI DSS 3.2 Requirement 1: Install and Maintain a Firewall Configuration to Protect Cardholder Data
• PCI DSS 3.2 Requirement 2: Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters
• PCI DSS 3.2 Requirement 3: Protect Stored Cardholder Data
• PCI DSS 3.2 Requirement 4: Encrypt Transmission of Cardholder Data Across Open, Public Networks
• PCI DSS 3.2 Requirement 5: Protect All Systems Against Malware and Regularly Update Anti-Virus Software or Programs
• PCI DSS 3.2 Requirement 6: Develop and Maintain Secure Systems and Applications
• PCI DSS 3.2 Requirement 7: Restrict Access to Cardholder Data by Business Need to Know
• PCI DSS 3.2 Requirement 8: Identify and Authenticate Access to System Components
• PCI DSS 3.2 Requirement 9: Restrict Physical Access to Cardholder Data
• PCI DSS 3.2 Requirement 10: Track and Monitor Access to All Network Resources and Cardholder Data
• PCI DSS 3.2 Requirement 11: Regularly Test Security Systems and Processes

Table Legend

Table Headings	Description
Testing Procedure	Description of the PCI Testing Procedure
How USM Appliance Delivers	Explanation of how USM Appliance delivers on this PCI requirement
USM Appliance Instructions	Instructions on how to set up USM Appliance to meet this requirement
USM Appliance Documentation	Link to specific documentation for setting up USM Appliance