Close PCI DSS security gaps

With the release of PCI DSS 3.2, you face even more accountability in proving that controls are in place, and that critical systems both inside and outside the Card Data Environment (CDE) are protected. You need an endpoint solution that will reduce the complexity of balancing security and compliance and demonstrate “security assurance.” With Carbon Black you can continuously monitor and measure the effectiveness of existing security controls, identify new areas that need to be addressed, and have a true measurement of your security posture to report to your auditors and your board.

The Cb Endpoint Security Platform is a lightweight, proven next-generation endpoint protection platform that helps you maintain continuous compliance with the security controls required by PCI DSS. The Cb Endpoint Security Platform is the only endpoint solution that provides Coalfire-validated controls against several PCI DSS requirements.

of the payment breaches investigated by Verizon over the lat 10 years, not a single organization was compliant with PCI DSS at the time of the breach

– 2015 Verizon PCI Compliance Report

Software asset analysis

  • Easily sift out any untrustworthy or negative activity that will affect your compliance posture
  • See all activity across the enterprise, control assets, and enforce compliance

Asset integrity monitoring

  • Prove evidence and artifact of any changes to critical assets
  • Maintain a protected record of change and how change corresponds to specific trust policies and requirements
  • Identify the presence or absence of vendor-supplied security patches

Patch & vulnerability analytics

  • Real-time assessment vulnerability analysis and response, delivered via the cloud
  • No reliance on manual updates, covers unsupported elements of a system, i.e., Windows XP
  • See the entire kill chain in seconds

Threat prevention & reporting

  • Real-time monitoring and threat intelligence delivered via the cloud
  • Real-time enforcement engine with endpoint and network integration
  • Replace outdated antivirus solutions
  • Remove unwanted items

Access policy enforcement

  • Complete audit trail to demonstrate compliance awareness is addressed
  • Prevents unauthorized software or change configurations
  • Regulates use of USB ports and removable devices
  • Automated workflow to request, approve, and track exceptions and repository to produce full compliance reports

Related Resources

Blog: Ransomware Increasingly Targeting Hospitals As They Are ‘Forced’ to Pay

BLOG: 3 Steps Compliance Teams Should Consider Regarding End-of-Life Systems

White Paper: Coalfire Attestation Report

Solution Brief: PCI DSS 3.0