Category: PCI DSS Requirement 2
Apply Secure Configurations to All System Components
Systems are frequently compromised by malicious individuals, both internal and external to an organization, who make use of vendor default settings and passwords. These settings and passwords are well-known and straightforward to ascertain from public OSINT data.
By configuring system components in secure ways, attackers have fewer options to successfully attack systems. Entities undergoing PCI DSS compliance should reduce their attack surface by changing default passwords, removing unnecessary software, accounts, and functions, and disabling or removing unnecessary services. It may be obvious but should be stated that the external attack surface should be clearly understood and monitored continuously.
BlckRhino
BlckRhino (BR) assists clients in strategic management of risk, mitigating threats in an ever-increasingly complex, globally connected world. BlckRhino embraces…
- Rating
- Views
- 8663
CISOfy – Lynis
Lynis Enterprise performs security scanning for Linux, macOS, and Unix systems. It helps you discover and solve issues quickly, so…
- Rating
- Views
- 2083
Tripwire
Tripwire product offering includes advanced threat, security and compliance solutions used by 9,000 plus organizations, including Fortune 500 companies (Tripwire…
- Location
- Global PCI DSS Solutions
- Rating
- Views
- 6013
Rapid7
Rapid7 is a PCI Approved Scanning Vendor (ASV), which means we can help you achieve compliance with PCI DSS. Our services…
- Rating
- Views
- 6840
Qualys
Qualys VM is a cloud service that gives you immediate, global visibility into where your IT systems might be vulnerable…
- Location
- Global PCI DSS Solutions
- Rating
- Views
- 4361
Saint
SAINT is certified (#4268-01-08) by the PCI Security Standards Council as an Approved Scanning Vendor (ASV). As an ASV, SAINT…
- Location
- Global PCI DSS Solutions
- Rating
- Views
- 3707
Comodo
Our dependence on computers and the Internet grows with each passing day, and so, too, does our vulnerability. The threats,…
- Location
- Comodo Group, Inc. 1255 Broad Street, Clifton, NJ 07013 , United States
- Rating
- Views
- 2633
Sensepost
SensePost Managed Vulnerability Scanning (MVS) is a fully Managed Vulnerability Scanning service supported by SensePost and designed for the enterprise.…
- Location
- Global PCI DSS Solutions
- Rating
- Views
- 2826