Requirements and Milestones Reporting
|
|
- Delilah Lee
- 6 years ago
- Views:
Transcription
1 IBM BigFix Compliance PCI Add-on Requirements and Milestones Reporting Payment Card Industry Data Security (PCI DSS)
2 Table of Contents Introduction...2 Installing the reports manually...3 Updating the reports manually...7 Installing the reports using the script (import_milestones.sh)...8 Updating the reports using the script (import_milestones.sh) Appendix A: PCI DSS Requirements A.1: All checklists with requirements A.2: Checks List for PCI DSS Requirement 10 and mapping to PCI DSS standard A.3: Checklist Overview for PCI DSS Requirement A.4: Checks List for PCI DSS Requirement A.5: Check Overview for PCI DSS requirement A.6: List of Computers for PCI DSS Requirement A.7: List of checks and computers that are compliant to PCI DSS requirement A.8: List of checks and computers that are not compliant to PCI DSS requirement Appendix B: PCI DSS Milestones B.1: All checklists with milestones B.2: Milestones Summary Checklist Overview Report B.3: Checks List for PCI DSS Milestone 1 and mapping to PCI DSS prioritized approach B.4: Checklist Overview for PCI DSS Milestone B.5: Checks List for PCI DSS Milestone B.6: List of Computers for PCI DSS Milestone B.7: List of checks and computers that are compliant to PCI DSS milestone B.8: List of checks and computers that are not compliant to PCI DSS milestone
3 Introduction Use Security and Compliance Analytics (SCA), now known as IBM BigFix Compliance, to navigate and explore security configuration check results. SCA is a web-based application designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals. These reports can be filtered, sorted, grouped, customized, or exported according to your preferences and requirements. In addition to the available reports in SCA, IBM BigFix Compliance PCI Add-on provides supplementary reports that show the cumulative state aggregated on the level of specific Payment Card Industry Data Security Standard (PCI DSS) requirement or milestone. These reports are generated based on the data from the available PCI DSS checklists. To use these supplementary reports, you need to complete the installation steps discussed in this document. Note: The SCA exceptions do not exclude chosen PCI DSS Fixlets from the Requirements and Milestones Reporting as cumulative result contains all results. Results from the Requirements and Milestones Reporting also include summary views at the home page or on computer level. 2
4 Installing the reports manually Before you Begin To access the PCI DSS Requirements and Milestones Reporting from SCA, complete the following steps: Process 1. Subscribe to either the PCI DSS Checklist for Windows 2012 site or the PCI DSS Checklist for RHEL 6 site. 2. Deploy the Environment Setup Task - Download Requirements and Milestones Reporting Installer task to download the reports installer (import_milestones.zip package). 3. Extract the BES directory with.bes files to your local disk. To install the reports manually, you must import each of the files to a separate custom site using IBM BigFix Console. 1. Create a custom site for each.bes file. a. From the IBM BigFix console, click Tools > Create Custom Site. b. Enter a name for the custom site and click OK. 3
5 2. Import a Fixlet to the custom site. a. On your local disk, browse for the Fixlet that you want to add in the custom site and double-click it. The dialog window on the IBM BigFix Console opens. b. On the right-upper corner of the console, select the custom site that you created for this Fixlet in step 1 and click OK. 4
6 All the Fixlet are available in the IBM BigFix Console. 3. Complete steps 1 and 2 for each.bes file. 4. When all the custom sites for the Requirement and Milestones Reports are created and new Fixlets and analyses are imported in the IBM BigFix Console, you must subscribe computers to each site. Note: To enhance this process you can use Computer Groups. You can create the groups manually, assign computers to them, and then assign the computer groups to the reporting custom sites. 5
7 5. Run the Environment Setup Tasks. There are two separate environment setup tasks: one is designed for the PCIDSS Milestone site and the other for all other Requirement and Milestones Reporting sites. Both of them are located under PCIDSS_Milestones site. 6. Import data to the SCA by running Import from the SCA console. Note: In case of updates to the Requirements and Milestones Reporting, you must delete the outdated content from the IBM BigFix console. For more information, see Updating the reports manually. 6
8 Updating the reports manually To update the Requirements and Milestones Reporting, complete the following steps: 1. Remove all the Fixlets and analyses in every custom site that you have created for the reporting. You may also need to delete the custom site. This step ensures that no duplicates will be created. 2. Import the new version of the Fixlets and analyses by importing the definitions from the.bes files. a. On your local disk, browse for the Fixlet that you want to add in the custom site and double-click on it. The dialog window on the IBM BigFix Console opens. b. On the right-upper corner of the console, select the custom site that you created for this Fixlet in step 1 and click OK. 3. After the sites are updated you need to run both environmental setup tasks. There are two separate environment setup tasks: one is designed for the PCIDSS Milestone site and the other for all other Requirement and Milestones Reporting sites. Both of them are located under PCIDSS_Milestones site. Note: If you created a new custom site from scratch, ensure that computers are subscribed to the site. 7
9 Installing the reports using the script (import_milestones.sh) The provided installation script creates and configures the necessary files to collect data from the endpoints and display them in the reports in SCA. The script can be used on Windows or Linux OS and with Cygwin and curl package. Running the script creates the following resources in your local disk: 3 computer groups (PCIDSS_Requirement_Group, PCIDSS_Milestones_Group, PCIDSS_Milestone_Group) 16 custom sites and upload them in the IBM BigFix console with the corresponding Fixlets Before you Begin Ensure that you have the curl package installed as it is required to use the script. To access the PCI DSS Requirements and Milestones Reporting from SCA, complete the following steps: 1. Subscribe to either the PCI DSS Checklist for Windows 2012 site or the PCI DSS Checklist for RHEL 6 site. 2. Deploy the Environment Setup Task - Download Requirements and Milestones Reporting Installer task to download the reports installer (import_milestones.zip package). 3. Extract the files to your local disk. The package contains: - import_milestones.sh - BES directory with.bes files - META-INF directory with the manifest Process 1. Updated the script with the URL to IBM BigFix console and credentials as follows: host=" userpass="admin:xxxxxxxx" For the port number, see the masthead file located in <InstallationPath>\BigFix Enterprise\BES Installers\Server\masthead.afxm. The default port is Note: When modifying the file on a Windows OS, you need to keep the UNIX formatting (end of line character). 2. Execute the script in the current directory:./import_milestones.sh 8
10 3. When all the custom sites for the Requirement and Milestones Reports are created in the IBM BigFix Console along with the Fixlets, you must subscribe all computers to each site. Note: To enhance this process you can use the Computer Groups that were created and assigned to the reporting custom sites. You must assign computers to the groups. 4. Run the Environment Setup Tasks. There are two separate environment setup tasks: one is designed for the PCIDSS Milestone site and the other for all other Requirement and Milestones Reporting sites. Both of them are located under PCIDSS_Milestones site. 5. Import data to the SCA by running Import from the SCA console. 9
11 Updating the reports using the script (import_milestones.sh) The script can be used to update the Requirements and Milestones Reporting. To perform this task you can use the script in the same way as during the installation. See Installing the reports using the script (import_milestones.sh)the script will remove the Fixlets and analyses from the following reporting custom sites and import the new versions of the files. During the removal, the percentage of action progress will be presented. The whole process can take about 1 hour approximately. Once it is completed, all the sites will have the new Fixlets and analyses. The computer assignments using the computer groups will not be affected. 10
12 Appendix A: PCI DSS Requirements This section shows BigFix Compliance reports that are generated based on the Requirements and Security Assessment Procedures for PCI DSS 3.2. The PCI DSS security requirements apply to all system components included in or connected to the cardholder data environment. PCI DSS comprises a minimum set of requirements for protecting account data, and may be enhanced by additional controls and practices to further mitigate risks, as well as local, regional and sector laws and regulations. In this appendix, we will use Requirements 10 as an example to show the PCI DSS Requirements Reporting. 11
13 A.1: All checklists with requirements This view lists the checklists for each requirement. Each requirement has a corresponding checklist. Note: PCI DSS requirements 9, 11, and 12, which are process-oriented in nature, are not covered in BigFix Compliance. To view the checklists from SCA, click Reports > Checklists. To view more information about a checklist, click the checklist name from the Checklist view. 12
14 A.2: Checks List for PCI DSS Requirement 10 and mapping to PCI DSS standard The PCI DSS requirements are mapped to the twelve PCI DSS requirements and their sub-requirements that are listed in This mapping was used in creating the checklists for the requirements perspective. 13
15 A.3: Checklist Overview for PCI DSS Requirement 10 To view an overview of a specific requirement checklist, click Reports > Checklists. Then, select a requirement checklist: PCIDSS_Requirement_<number>. The Overview presents a graphic representation of compliance history, computers by compliance quartile, and check results history with an overall compliance percentage shown in the top left corner of the console. From this view, you can: - View the list of checks by clicking on the number of checks available. - View the list of computers by clicking on the number of computers available. - View the list of checks and computers based on their compliance status. 14
16 A.4: Checks List for PCI DSS Requirement 10 You can view the available checks in a checklist in detail by drilling down to the checks. You can do this by clicking the number of checks displayed on the Checklist Overview page. This view shows a list of all checks, each in its cumulative state, for a requirement checklist. In this case, the cumulative state for each check for requirement 10 is displayed. 15
17 A.5: Check Overview for PCI DSS requirement 10 You can drill down to a specific check to view an overview of the cumulative check result. To do this, you can either click on a check name from the check list (as shown in the previous screenshot) or click Reports > Checks and select the cumulative check or click any check in the list. This view shows a graphic representation of compliance history and check results history for a particular check, in this case, requirement
18 A.6: List of Computers for PCI DSS Requirement 10 You can view the list of computers that are relevant to a specific requirement. To view this report, click the number of computers displayed on the Checklist Overview page. This view shows a list of all computers with additional information (i.e. OS). It also shows the corresponding compliance status for each computer. 17
19 A.7: List of checks and computers that are compliant to PCI DSS requirement 10 You can configure the view according to what information you want to display by using the Configure View option. In this example, use Filters to specify that you want to view only the checks and computers that compliant to PCI DSS requirement
20 This view shows which computers and checks are in compliance with a particular requirement checklist, in this case, requirement
21 A.8: List of checks and computers that are not compliant to PCI DSS requirement 10 You can configure the view according to what information you want to display by using the Configure View option. This view shows which computers and checks are not in compliance with a particular requirement checklist, in this case, requirement
22 Appendix B: PCI DSS Milestones This section shows BigFix Compliance reports that are generated based on the Prioritized Approach for PCI DSS 3.2. The Prioritized Approach provides six security milestones that will help merchants and other organizations incrementally protect against the highest risk factors and escalating threats while on the road to PCI DSS compliance. In this appendix, we will use Milestone 1 as an example to show the PCI DSS Milestones Reporting. 21
23 B.1: All checklists with milestones To view the Milestones Summary checklist from SCA, click Reports > Checklists. This view lists the checklists for each milestone. There are 7 milestone checklists in total, including the milestone summary checklist. Each milestone has a corresponding checklist, and is intended to provide a roadmap to address risks in a prioritized order. Milestones enable merchants to demonstrate progress on compliance process. 22
24 B.2: Milestones Summary Checklist Overview Report To view the Milestones Summary checklist from SCA, click Reports > Checklists. Then, select PCIDSS_Milestones from the list of checklists. This view shows a summary of all six milestones in a graphic representation of compliance history, computers by compliance quartile, and check results history with an overall compliance percentage shown in the top left corner of the console. From this view, you can: - View the list of checks by clicking on the number of checks available. - View the list of computers by clicking on the number of computers available. - View the list of checks and computers based on their compliance status. 23
25 B.3: Checks List for PCI DSS Milestone 1 and mapping to PCI DSS prioritized approach The PCI DSS milestones are mapped to the six PCI DSS milestones that are listed in This mapping was used in creating the checklists for the prioritized approach. 24
26 B.4: Checklist Overview for PCI DSS Milestone 1 To view an overview of a specific milestone checklist, click Reports > Checklists. Then, select a milestone checklist PCIDSS_Milestone_<number>. The Overview presents a graphic representation of compliance history, computers by compliance quartile, and check results history with an overall compliance percentage shown in the top left corner of the console. From this view, you can: - View the list of checks by clicking on the number of checks available. - View the list of computers by clicking on the number of computers available. - View the list of checks and computers based on their compliance status. In this example, you can see the overview of the PCIDSS_Milestone_1 checklist. 25
27 B.5: Checks List for PCI DSS Milestone 1 You can view the available checks in a checklist in detail by drilling down to the checks. You can do this by clicking the number of checks displayed on the Checklist Overview page. The Checks List report shows the list of checks in the given scope together with attributes of each check and the overall, historical aggregate compliance results (the aggregate of all visible computer s pass and fail score) of each check. 26
28 B.6: List of Computers for PCI DSS Milestone 1 You can view the list of computers that are relevant to a specific requirement. To view this report, click the number of computers displayed on the Checklist Overview page. This view lists all the computers that are applicable to a particular milestone checklist, in this case, milestone 1. 27
29 B.7: List of checks and computers that are compliant to PCI DSS milestone 1 You can configure the view according to what information you want to display by using the Configure View option. In this example, use Filters to specify that you want to view only the checks and computers that compliant to PCI DSS milestone 1. 28
30 This view shows which computers and checks are in compliance with a particular milestone checklist, in this case, milestone 1. 29
31 B.8: List of checks and computers that are not compliant to PCI DSS milestone 1 You can configure the view according to what information you want to display by using the Configure View option. This view shows which computers and checks are not in compliance with a particular milestone checklist, in this case, milestone 1. 30
IBM BigFix Compliance PCI Add-on Version 9.5. Payment Card Industry Data Security Standard (PCI DSS) User's Guide IBM
IBM BigFix Compliance PCI Add-on Version 9.5 Payment Card Industry Data Security Standard (PCI DSS) User's Guide IBM IBM BigFix Compliance PCI Add-on Version 9.5 Payment Card Industry Data Security Standard
More informationIBM BigFix Compliance PCI Add-on Version 9.2. Payment Card Industry Data Security Standard (PCI DSS) User's Guide IBM
IBM BigFix Compliance PCI Add-on Version 9.2 Payment Card Industry Data Security Standard (PCI DSS) User's Guide IBM IBM BigFix Compliance PCI Add-on Version 9.2 Payment Card Industry Data Security Standard
More informationIBM BigFix Version 9.2. Security Configuration Management - Payment Card Industry Data Security Standard (PCI DSS) content 1.
IBM BigFix Version 9.2 Security Configuration Management - Payment Card Industry Data Security Standard (PCI DSS) content 1.1 User's Guide IBM IBM BigFix Version 9.2 Security Configuration Management
More informationForeScout Extended Module for IBM BigFix
ForeScout Extended Module for IBM BigFix Version 1.0.0 Table of Contents About this Integration... 4 Use Cases... 4 Additional BigFix Documentation... 4 About this Module... 4 Concepts, Components, Considerations...
More informationForeScout Extended Module for IBM BigFix
Version 1.1 Table of Contents About BigFix Integration... 4 Use Cases... 4 Additional BigFix Documentation... 4 About this Module... 4 About Support for Dual Stack Environments... 5 Concepts, Components,
More informationForescout. eyeextend for IBM BigFix. Configuration Guide. Version 1.2
Forescout Version 1.2 Contact Information Forescout Technologies, Inc. 190 West Tasman Drive San Jose, CA 95134 USA https://www.forescout.com/support/ Toll-Free (US): 1.866.377.8771 Tel (Intl): 1.408.213.3191
More informationPASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year
PASS4TEST \ http://www.pass4test.com We offer free update service for one year Exam : A2010-650 Title : Fundamentals of Applying Tivoli Endpoint Manager Solutions V1 Vendor : IBM Version : DEMO 1 / 5 Get
More informationIBM IBM Tivoli Endpoint Manager V8.1 Implementation.
IBM 000-560 IBM Tivoli Endpoint Manager V8.1 Implementation http://killexams.com/exam-detail/000-560 A. It should always be empty in a healthy environment. B. It is used to store downloaded files from
More informationIBM Endpoint Manager. OS Deployment V3.5 User's Guide
IBM Endpoint Manager OS Deployment V3.5 User's Guide IBM Endpoint Manager OS Deployment V3.5 User's Guide Note Before using this information and the product it supports, read the information in Notices
More informationIBM Endpoint Manager. OS Deployment V3.8 User's Guide - DRAFT for Beta V.1.0 (do not distribute)
IBM Endpoint Manager OS Deployment V3.8 User's Guide - DRAFT for Beta V.1.0 (do not distribute) IBM Endpoint Manager OS Deployment V3.8 User's Guide - DRAFT for Beta V.1.0 (do not distribute) Note Before
More informationIBM. Migration Cookbook. Migrating from License Metric Tool and Tivoli Asset Discovery for Distributed 7.5 to License Metric Tool 9.
IBM License Metric Tool 9.x Migration Cookbook Migrating from License Metric Tool and Tivoli Asset Discovery for Distributed 7.5 to License Metric Tool 9.x IBM IBM License Metric Tool 9.x Migration Cookbook
More informationIBM. Compliance Analytics User's Guide. IBM BigFix. Version 1.9
IBM BigFix IBM Compliance Analytics User's Guide Version 1.9 IBM BigFix IBM Compliance Analytics User's Guide Version 1.9 Note Before using this information and the product it supports, read the information
More informationEnhancements and new features in ILMT/SUA IBM License Metric Tool & Software Use Analysis Questions and Answers Enablement Team
Enhancements and new features in ILMT/SUA 9.2.0.2 IBM License Metric Tool & Software Use Analysis Questions and Answers Enablement Team Agenda 01 Introduction 04 Hiding free instances 07 Rebranding 02
More informationTivoli Endpoint Manager for Patch Management - AIX. User s Guide
Tivoli Endpoint Manager for Patch Management - AIX User s Guide User s Guide i Note: Before using this information and the product it supports, read the information in Notices. Copyright IBM Corporation
More informationRevised: 22 November Integration Guide
Revised: 22 November 2016 Integration Guide About This Guide Guide Type Documented Integration WatchGuard or a Technology Partner has provided documentation demonstrating integration Guide Details WatchGuard
More informationIBM Endpoint Manager Version 9.1. Patch Management for Ubuntu User's Guide
IBM Endpoint Manager Version 9.1 Patch Management for Ubuntu User's Guide IBM Endpoint Manager Version 9.1 Patch Management for Ubuntu User's Guide Note Before using this information and the product it
More informationIBM BigFix Version 9.5. Patch for Red Hat Enterprise Linux User's Guide IBM
IBM BigFix Version 9.5 Patch for Red Hat Enterprise Linux User's Guide IBM IBM BigFix Version 9.5 Patch for Red Hat Enterprise Linux User's Guide IBM Note Before using this information and the product
More informationIBM BigFix Version 9.5. WebUI Administrators Guide IBM
IBM BigFix Version 9.5 WebUI Administrators Guide IBM IBM BigFix Version 9.5 WebUI Administrators Guide IBM Note Before using this information and the product it supports, read the information in Notices
More informationIBM Endpoint Manager for OS Deployment Linux OS provisioning using a Server Automation Plan
IBM Endpoint Manager IBM Endpoint Manager for OS Deployment Linux OS provisioning using a Server Automation Plan Document version 1.0 Michele Tomassi Copyright International Business Machines Corporation
More informationIBM. Compliance Analytics Setup Guide. IBM BigFix. Version 1.9
IBM BigFix IBM Compliance Analytics Setup Guide Version 1.9 IBM BigFix IBM Compliance Analytics Setup Guide Version 1.9 Note Before using this information and the product it supports, read the information
More informationNetwrix Auditor for SQL Server
Netwrix Auditor for SQL Server Quick-Start Guide Version: 9.5 10/25/2017 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment from
More informationIBM Endpoint Manager Version 9.0. Software Distribution User's Guide
IBM Endpoint Manager Version 9.0 Software Distribution User's Guide IBM Endpoint Manager Version 9.0 Software Distribution User's Guide Note Before using this information and the product it supports,
More informationForeScout CounterACT. Configuration Guide. Version 5.0
ForeScout CounterACT Core Extensions Module: Reports Plugin Version 5.0 Table of Contents About the Reports Plugin... 3 Requirements... 3 Supported Browsers... 3 Verify That the Plugin Is Running... 5
More informationPatch Management for AIX
Patch Management for AIX Supported Versions The Patches for AIX Fixlet site provides Fixlet messages for the latest Maintenance Level packages for AIX 5.1, 5.2 and 5.3. It also includes inventory-only
More informationPatch Management for Solaris
Patch Management for Solaris User s Guide User s Guide i Note: Before using this information and the product it supports, read the information in Notices. Copyright IBM Corporation 2003, 2011. US Government
More informationIBM BigFix Version 9.5. WebUI Administrators Guide IBM
IBM BigFix Version 9.5 WebUI Administrators Guide IBM IBM BigFix Version 9.5 WebUI Administrators Guide IBM Note Before using this information and the product it supports, read the information in Notices
More informationForeScout Extended Module for Advanced Compliance
ForeScout Extended Module for Advanced Compliance Version 1.2 Table of Contents About Advanced Compliance Integration... 4 Use Cases... 4 Additional Documentation... 6 About This Module... 6 About Support
More informationRisk Intelligence. Quick Start Guide - Data Breach Risk
Risk Intelligence Quick Start Guide - Data Breach Risk Last Updated: 19 September 2018 --------------------------- 2018 CONTENTS Introduction 1 Data Breach Prevention Lifecycle 2 Choosing a Scan Deployment
More informationPCI Compliance Assessment Module with Inspector
Quick Start Guide PCI Compliance Assessment Module with Inspector Instructions to Perform a PCI Compliance Assessment Performing a PCI Compliance Assessment (with Inspector) 2 PCI Compliance Assessment
More informationIBM BigFix Compliance
IBM BigFix Compliance A single solution for managing endpoint security across the organization Highlights Ensure configuration compliance using thousands of out-of-the-box bestpractice policies with automated
More informationPCI Compliance Assessment Module
User Guide PCI Compliance Assessment Module Instructions to Perform a PCI Compliance Assessment V20180316 Network Detective PCI Compliance Module without Inspector User Guide Contents About the Network
More informationCounterACT Reports Plugin
CounterACT Reports Plugin Version 4.1.8 and Above Table of Contents About the Reports Plugin... 3 Requirements... 3 Supported Browsers... 3 Accessing the Reports Portal... 5 Saving Reports and Creating
More informationScan Report Executive Summary
Scan Report Executive Summary Part 1. Scan Information Scan Customer Company: Date scan was completed: Vin65 ASV Company: Comodo CA Limited 08/28/2017 Scan expiration date: 11/26/2017 Part 2. Component
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationMcAfee Security-as-a-Service
Troubleshooting Solutions Guide McAfee Security-as-a-Service For use with epolicy Orchestrator 4.6.0 Software This guide provides supplemental information related to installing and using the McAfee Security-as-a-Service
More informationScan Report Executive Summary
Scan Report Executive Summary Part 1. Scan Information Scan Customer Company: Date scan was completed: Vin65 ASV Company: Comodo CA Limited 11/20/2017 Scan expiration date: 02/18/2018 Part 2. Component
More informationCustomer Compliance Portal. User Guide V2.0
Customer Compliance Portal User Guide V2.0 0 Copyright 2016 Merchant Preservation Services, LLC. All rights reserved. CampusGuard, the Merchant Preservation Services logo, and the CampusGuard logo are
More informationQualys Release Notes
Qualys 8.9.1 Release Notes This new release of the Qualys Cloud Suite of Security and Compliance Applications includes improvements to Vulnerability Management and Policy Compliance. Qualys Cloud Platform
More informationHPE Security Fortify Plugins for Eclipse
HPE Security Fortify Plugins for Eclipse Software Version: 17.20 Installation and Usage Guide Document Release Date: November 2017 Software Release Date: November 2017 Legal Notices Warranty The only warranties
More informationScan Report Executive Summary. Part 2. Component Compliance Summary Component (IP Address, domain, etc.):
Scan Report Executive Summary Part 1. Scan Information Scan Customer Company: Date scan was completed: Vin65 ASV Company: Comodo CA Limited 02/18/2018 Scan expiration date: 05/19/2018 Part 2. Component
More informationDeploying Lookout with IBM MaaS360
Lookout Mobile Endpoint Security Deploying Lookout with IBM MaaS360 February 2018 2 Copyright and disclaimer Copyright 2018, Lookout, Inc. and/or its affiliates. All rights reserved. Lookout, Inc., Lookout,
More informationMigration from version 7.5 to 9.0. IBM License Metric Tool & Software Use Analysis Questions and Answers ILMT Central Team
Migration from version 7.5 to 9.0 IBM License Metric Tool & Software Use Analysis Questions and Answers ILMT Central Team Agenda Introduction 01 Step 1: Prepare the environment 02 Step 2: Map the agents
More informationMeeting PCI DSS 3.2 Compliance with RiskSense Solutions
Meeting PCI DSS 3.2 Compliance with Solutions Platform the industry s most comprehensive, intelligent platform for managing cyber risk. 2018, Inc. What s Changing with PCI DSS? Summary of PCI Business
More informationMission Control 5.0. Mission Control Admin Guide. January, 2016
Mission Control 5.0 Mission Control Admin Guide January, 2016 Mission Control Admin Guide You can find the most up-to-date technical documentation at: docs.delphix.com The Delphix Web site also provides
More informationData Breach Risk Scanning and Reporting
Data Breach Risk Scanning and Reporting 2017. SolarWinds. All rights reserved. All product and company names herein may be trademarks of their respective owners. The information and content in this document
More informationInstalling BigFix clients through self-update IBM
Installing BigFix clients through self-update IBM ii Installing BigFix clients through self-update Contents Chapter 1. Installing BigFix clients through self-update.......... 1 Step 1: Planning the infrastructure.......
More informationControl-M and Payment Card Industry Data Security Standard (PCI DSS)
Control-M and Payment Card Industry Data Security Standard (PCI DSS) White paper PAGE 1 OF 16 Copyright BMC Software, Inc. 2016 Contents Introduction...3 The Need...3 PCI DSS Related to Control-M...4 Control-M
More informationBigFix 2018 Roadmap. Aram Eblighatian. Product Manager IBM BigFix. 14 May, 2018
BigFix 2018 Roadmap Aram Eblighatian Product Manager IBM BigFix 14 May, 2018 What's New in BigFix? BigFix Platform BigFix Platform v9.5.7 Released Oct. 2017 Gathering Performance improvements (WebUI and
More informationNetwrix Auditor for Active Directory
Netwrix Auditor for Active Directory Quick-Start Guide Version: 8.0 4/22/2016 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment
More informationPCI-DSS COMPLIANCE REPORT. Sample engineering company with 200 employees
PCI-DSS COMPLIANCE REPORT Sample engineering company with 200 employees Content The Payment Card Industry Data Security Standard............................... 3 Incidents per reported period..........................................
More informationSophos Enterprise Console Help. Product version: 5.3
Sophos Enterprise Console Help Product version: 5.3 Document date: September 2015 Contents 1 About Sophos Enterprise Console 5.3...6 2 Guide to the Enterprise Console interface...7 2.1 User interface layout...7
More informationPCI COMPLIANCE IS NO LONGER OPTIONAL
PCI COMPLIANCE IS NO LONGER OPTIONAL YOUR PARTICIPATION IS MANDATORY To protect the data security of your business and your customers, the credit card industry introduced uniform Payment Card Industry
More informationHPE Security Fortify Audit Workbench
HPE Security Fortify Audit Workbench Software Version: 17.20 User Guide Document Release Date: November 2017 Software Release Date: November 2017 Legal Notices Warranty The only warranties for Seattle
More informationEMC SourceOne Management Pack for Microsoft System Center Operations Manager
EMC SourceOne Management Pack for Microsoft System Center Operations Manager Version 7.2 Installation and User Guide 302-000-955 REV 01 Copyright 2005-2015. All rights reserved. Published in USA. Published
More informationIBM Security SiteProtector System User Guide for Security Analysts
IBM Security IBM Security SiteProtector System User Guide for Security Analysts Version 2.9 Note Before using this information and the product it supports, read the information in Notices on page 83. This
More informationPCI DSS Compliance. Verba SOLUTION GUIDE. Introduction. Verba and the Payment Card Industry Data Security Standard
Introduction Verba provides a complete compliance solution for merchants and service providers who accept and/or process payment card data over the telephone. Secure and compliant handling of a customer
More informationSQL Server Solutions GETTING STARTED WITH. SQL Secure
SQL Server Solutions GETTING STARTED WITH SQL Secure Purpose of this document This document is intended to be a helpful guide to installing, using, and getting the most value from the Idera SQL Secure
More informationAppDefense Cb Defense Configuration Guide. AppDefense Appendix Cb Defense Integration Configuration Guide
AppDefense Appendix Cb Defense Integration Configuration Guide Table of Contents Overview 3 Requirements 3 Provision API Key for Cb Defense Integration 3 Figure 1 Integration Type 4 Figure 2 API Key Provisioning
More informationDealing with Event Viewer
Dealing with Event Viewer Event Viewer is a troubleshooting tool in Microsoft Windows 2000.This how-to article will describe how to use Event Viewer. Event Viewer displays detailed information about system
More informationIBM Endpoint Manager for Configuration Management User's Guide
IBM Endpoint Manager for Configuration Management User's Guide ii IBM Endpoint Manager for Configuration Management User's Guide Contents Configuration Management User's Guide 1 Setting up Configuration
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More informationAutomate and simplify PCI DSS compliance using FileAudit Plus
PCI-DSS Compliance Automate and simplify PCI DSS compliance using FileAudit Plus Automate and simplify PCI DSS compliance using FileAudit Plus Payment Card Industry Data Security Standard (PCI DSS) compliance
More informationMoving data to the cloud using the MoveToCloud script
What this tutorial is about IBM dashdb's movetocloud script provides an easy way of getting your data to the cloud in either SoftLayer Swift object storage or Amazon S3. The script is ideal for uploading
More informationCounterACT VMware vsphere Plugin
CounterACT VMware vsphere Plugin Configuration Guide Version 2.0.0 Table of Contents About VMware vsphere Integration... 4 Use Cases... 4 Additional VMware Documentation... 4 About this Plugin... 5 What
More informationNETWRIX GROUP POLICY CHANGE REPORTER
NETWRIX GROUP POLICY CHANGE REPORTER ADMINISTRATOR S GUIDE Product Version: 7.2 November 2012. Legal Notice The information in this publication is furnished for information use only, and does not constitute
More informationIBM Proventia Management SiteProtector Policies and Responses Configuration Guide
IBM Internet Security Systems IBM Proventia Management SiteProtector Policies and Responses Configuration Guide Version2.0,ServicePack8.1 Note Before using this information and the product it supports,
More informationPayment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire A and Attestation of Compliance
Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire A and Attestation of Compliance No Electronic Storage, Processing, or Transmission of Cardholder Data Version 1.2 October
More informationIBM Endpoint Manager Version 9.1. Getting Started IBM
IBM Endpoint Manager Version 9.1 Getting Started IBM IBM Endpoint Manager Version 9.1 Getting Started IBM Note Before using this information and the product it supports, read the information in Notices
More informationEMC Voyence Payment Card Industry Advisor. User s Guide. Version P/N REV A01
EMC Voyence Payment Card Industry Advisor Version 1.1.1 User s Guide P/N 300-007-495 REV A01 EMC Corporation Corporate Headquarters Hopkinton, MA 01748-9103 1-508-435-1000 www.emc.com COPYRIGHT Copyright
More informationMore on relevance checks in ILMT and BFI
More on relevance checks in ILMT and BFI IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by accessing the Communicate
More informationin PCI Regulated Environments
in PCI Regulated Environments JULY, 2018 PCI COMPLIANCE If your business accepts payments via credit, debit, or pre-paid cards, you are required to comply with the security requirements of the Payment
More informationConsulting Edition Getting Started Guide. October 3, 2018
Consulting Edition Getting Started Guide October 3, 2018 Copyright 2018 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks are
More informationSAS Infrastructure for Risk Management 3.4: User s Guide
SAS Infrastructure for Risk Management 3.4: User s Guide SAS Documentation March 2, 2018 The correct bibliographic citation for this manual is as follows: SAS Institute Inc. 2017. SAS Infrastructure for
More informationPCI Compliance. Network Scanning. Getting Started Guide
PCI Compliance Getting Started Guide Qualys PCI provides businesses, merchants and online service providers with the easiest, most cost effective and highly automated way to achieve compliance with the
More informationUse the Executive Dashboard
How-to Guide CounterACT Version 7.0.0 Table of Contents About Using the Executive Dashboard... 3 Setting Up CounterACT to Work with the Executive Dashboard... 3 Accessing the Executive Dashboard... 3 Create
More informationVeritas NetBackup OpsCenter Reporting Guide. Release 8.0
Veritas NetBackup OpsCenter Reporting Guide Release 8.0 Veritas NetBackup OpsCenter Reporting Guide Legal Notice Copyright 2016 Veritas Technologies LLC. All rights reserved. Veritas and the Veritas Logo
More information01.0 Policy Responsibilities and Oversight
Number 1.0 Policy Owner Information Security and Technology Policy Policy Responsibility & Oversight Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 1. Policy Responsibilities
More informationForeScout Extended Module for Qualys VM
ForeScout Extended Module for Qualys VM Version 1.2.1 Table of Contents About the Qualys VM Integration... 3 Additional Qualys VM Documentation... 3 About This Module... 3 Components... 4 Considerations...
More informationIBM services and technology solutions for supporting GDPR program
IBM services and technology solutions for supporting GDPR program 1 IBM technology solutions as key enablers - Privacy GDPR Program Work-stream IBM software 2.1 Privacy Risk Assessment and Risk Treatment
More informationRights Cloud Connector Package Quick Install Guide
Rights Cloud Connector Package Quick Install Guide Feb 12, 2018 Version 2.0 SCOPE OF THE DOCUMENT This document illustrates the steps for installation and configuration of the FADEL s AEM Asset Rights
More informationINFORMATION SUPPLEMENT. Use of SSL/Early TLS for POS POI Terminal Connections. Date: June 2018 Author: PCI Security Standards Council
Use of SSL/Early TLS for POS POI Terminal Connections Date: Author: PCI Security Standards Council Table of Contents Introduction...1 Executive Summary...1 What is the risk?...1 What is meant by Early
More informationHow-to Guide: Tenable Nessus for BeyondTrust. Last Revised: November 13, 2018
How-to Guide: Tenable Nessus for BeyondTrust Last Revised: November 13, 2018 Table of Contents Welcome to Nessus for BeyondTrust 3 Integrations 4 Windows Integration 5 SSH Integration 10 API Configuration
More informationPerforming an ObserveIT Upgrade Using the Interactive Installer
Performing an ObserveIT Upgrade Using the Interactive Installer ABOUT THIS DOCUMENT This document contains detailed procedures and instructions on how to upgrade ObserveIT by using the interactive "One
More informationEMC Documentum Process Engine
EMC Documentum Process Engine Version 6.5 Installation Guide P/N 300 007 522 A01 EMC Corporation Corporate Headquarters: Hopkinton, MA 01748 9103 1 508 435 1000 www.emc.com Copyright 2004 2008 EMC Corporation.
More informationTechnical Review Managing Risk, Complexity, and Cost with SanerNow Endpoint Security and Management Platform
Technical Review Managing Risk, Complexity, and Cost with SanerNow Endpoint Security and Management Platform Date: October, 2018 Author: Jack Poller, Sr. Analyst The Challenges Enterprise Strategy Group
More informationNCSF-CFM Practitioner Syllabus
NCSF-CFM Practitioner Syllabus Based on NIST-CSF 1.1 itsm910 NCSF Practitioner Syllabus Version 1.1 January 2018 P a g e 1 P a g e 2 Publisher itsm Solution Publishing, LLC 742 Mink Ave. #135 Murrells
More informationTurn-key Vulnerability Management
Turn-key Vulnerability Management Security Manager The solution for IT security in your organisation Security issues: How many? Where are they? How can I correct them? Compliance: Has it been achieved
More informationIBM BigFix Version 9.2. Console Operator s Guide IBM
IBM BigFix Version 9.2 Console Operator s Guide IBM IBM BigFix Version 9.2 Console Operator s Guide IBM Note Before using this information and the product it supports, read the information in Notices
More informationUpgrading an ObserveIT One-Click Installation
Upgrading an ObserveIT One-Click Installation This document was written for ObserveIT Enterprise version 7.6.1. This document uses screenshots and procedures written for Windows Server 2012 R2 and SQL
More informationIBM Cognos Dynamic Query Analyzer Version Installation and Configuration Guide IBM
IBM Cognos Dynamic Query Analyzer Version 11.0.0 Installation and Configuration Guide IBM Note Before using this information and the product it supports, read the information in Notices on page 7. Product
More informationAdministering System Center 2012 Configuration Manager
Administering System Center 2012 Configuration Manager Duration: 5 Days Course Code:10747D About this Course This course describes how to configure and manage a System Center 2012 R Configuration Manager
More informationIntegrate Saint Security Suite. EventTracker v8.x and above
EventTracker v8.x and above Publication Date: June 6, 2018 Abstract This guide provides instructions to configure Saint Security Suite to send crucial events to EventTracker Enterprise by means of syslog.
More informationGFI WebMonitor 2009 ReportPack. Manual. By GFI Software Ltd.
GFI WebMonitor 2009 ReportPack Manual By GFI Software Ltd. http://www.gfi.com E-mail: info@gfi.com Information in this document is subject to change without notice. Companies, names, and data used in examples
More informationThe Realities of Data Security and Compliance: Compliance Security
The Realities of Data Security and Compliance: Compliance Security Ulf Mattsson, CTO, Protegrity Ulf.mattsson @ protegrity.com Bio - A Passion for Sailing and International Travel 2 Ulf Mattsson 20 years
More informationNetWrix VMware Change Reporter Version 3.0 Enterprise Edition Administrator s Guide
NetWrix VMware Change Reporter Version 3.0 Enterprise Edition Administrator s Guide Table of Contents NetWrix VMware Change Reporter Concepts... 1 Product Editions... 1 How It Works... 2 Deploying Product...
More informationTenable.io for Thycotic
How-To Guide Tenable.io for Thycotic Introduction This document describes how to deploy Tenable.io for integration with Thycotic Secret Server. Please email any comments and suggestions to support@tenable.com.
More information90% of data breaches are caused by software vulnerabilities.
90% of data breaches are caused by software vulnerabilities. Get the skills you need to build secure software applications Secure Software Development (SSD) www.ce.ucf.edu/ssd Offered in partnership with
More informationCounterACT VMware vsphere Plugin
Configuration Guide Version 2.0.1 Table of Contents About VMware vsphere Integration... 4 Use Cases... 4 Additional VMware Documentation... 4 About this Plugin... 5 What to Do... 5 Requirements... 5 CounterACT
More informationDeploying SecPod Saner Agent Through Microsoft Active Directory
Deploying SecPod Saner Agent Through Microsoft Active Directory Introduction This article lists instructions to install SecPod Saner agent through Microsoft Active Directory. Steps Involved in Deploying
More informationNetBackup Deployment Template User Guide for System Center Configuration Manager (SCCM)
NetBackup Deployment Template User Guide for System Center Configuration Manager (SCCM) September 25, 2017 Third-party mass-deployment tools like System Center Configuration Manager (SCCM) and Chef are
More information