In 2015, Coalfire Systems, Inc., a leading provider of IT advisory services for security, validated Cb Protection as an effective Payment Card Industry Data Security Standard (PCI DSS) control. Carbon Black was the first next-generation endpoint security company to receive this validation.
In its report, Coalfire stated: “Carbon Black provides the flexibility to enable, manage, and meet PCI DSS requirements in many areas. Cb Protection helps organizations with various PCI requirements, including:
- File-Integrity monitoring /control
- Change monitoring and alerting
- Audit trail retention
In 2017, Coalfire conducted assessment activities including technical testing, architectural assessment, and compliance validation of Cb Protection for the PCI DSS v3.2 anti-malware requirement and found that Cb Protection platform met this requirement as a direct control.
Cb Protection provides coverage across eight of the 12 requirements of the PCI DSS and supports critical security goals, including:
- Stop all types and forms of malicious software.
- Protect and secure in-scope, integrated, and out-of-scope systems.
- Ensure that security policies and operational procedures are documented, in use, and known to all affected parties.
- Establish a process to immediately identify security vulnerabilities and assign a risk ranking.
- Control change, resulting in less data to analyze, which reduces administrative efforts.
- Receive real-time alerts so you can act immediately to protect all of your critical systems and data