topleft
USA: 703.483.6383
India: +91.9820293399
contact@controlcase.com
SITE NAVIGATION
   
Overview | FAQ | PCI Requirements | PCI Methodology | Regional Contacts
 
Site Search
 
 
bookmark
contact us
 
c1
 

ControlCase Compliance ScannerTM Overview

Over the past few years, numerous technologies have surfaced within the information security space that assist enterprises and auditors with identifying security problems using vulnerability scanners, application security scanners, antivirus solutions, firewall analyzers and solutions that monitor for data breaches. All these solutions rely on the concept of “vulnerability signatures” for identification of security problems.

ControlCase Compliance ScannerTM (CCS) provides the missing bridge between Security and IT Governance/Compliance. It overlays data monitoring with security monitoring and provides to executives a real time dashboard of compliance to IT Governance standards including PCI. This is accomplished through first in the industry concept of Compliance SignaturesTM.

PCI Compliance ScannerTM for QSA’s and Consultants

Companies that process, store or transmit cardholder data are required to comply with PCI to ensure security of cardholder systems. ControlCase’s PCI scanner allows QSA’s to streamline and automate the process of evaluating PCI compliance during onsite engagements. Results from leading vulnerability scanners and application scanners, along with ControlCase’s GRC platform and cardholder data search features are processed by the PCI Compliance ScannerTM to pre-populate approximately half the controls of PCI DSS. Features of PCI Compliance ScannerTM for QSA’s include,

  • Easy interview wizard to walk QSA’s through the entire process.
  • Automated search for cardholder data within servers and databases.
  • Automated mapping of application/network vulnerabilities (fromleading security scanners) to “cardholder” assets and servers.
  • Automated firewall ruleset analysis and mapping of faulty rule sets to PCI requirements.
  • Generation of Report on Compliance with more than half controls pre-populated with accurate data on cardholder systems, their vulnerabilities and mis-configured firewall rule sets.

PCI Compliance ScannerTM – Enterprise Edition (Appliance)

So, you have already been certified for PCI DSS. ControlCase’s PCI scanner appliance allows enterprises to streamline and automate the process of monitoring and maintaining PCI compliance. Leading vulnerability scanners and application scanners integrate with ControlCase’s cardholder system search capabilities and inbuilt GRC platform to provide a continual compliance dashboard. Features of PCI Compliance ScannerTM for QSA’s include

  • Dashboard of compliance to PCI (and other regulations if required)
  • Integration with vulnerability scanners.
  • Integration with application security scanners.
  • Continual monitoring for cardholder data within the network, filesystem and on databases.
  • Emails and messaging to compliance and risk managers if cardholder datais found or vulnerabilities on cardholder systems are found.

For any additional information, please contact ControlCase at contact@controlcase.com
c8
 
Legal Notice | Privacy Policy | © 2005-2008 ControlCase, LLC. All Rights Reserved.
 
topright