PCIDSS.COM - PCI DSS Security Solutions Directory

Category: PCI DSS Requirement 2

Apply Secure Configurations to All System Components

Systems are frequently compromised by malicious individuals, both internal and external to an organization, who make use of vendor default settings and passwords. These settings and passwords are well-known and straightforward to ascertain from public OSINT data.

By configuring system components in secure ways, attackers have fewer options to successfully attack systems. Entities undergoing PCI DSS compliance should reduce their attack surface by changing default passwords, removing unnecessary software, accounts, and functions, and disabling or removing unnecessary services. It may be obvious but should be stated that the external attack surface should be clearly understood and monitored continuously.

PCI Solution Provider

CISOfy – Lynis

Lynis Enterprise performs security scanning for Linux, macOS, and Unix systems. It helps you discover and solve issues quickly, so…

Read More

Rating
0 / 5
Views
1886
PCI Solution Provider

Tripwire

Tripwire product offering includes advanced threat, security and compliance solutions used by 9,000 plus organizations, including Fortune 500 companies (Tripwire…

Read More

Location
Global PCI DSS Solutions
Rating
0 / 5
Views
5789
PCI Solution Provider

Rapid7

Rapid7 is a PCI Approved Scanning Vendor (ASV), which means we can help you achieve compliance with PCI DSS. Our services…

Read More

Rating
0 / 5
Views
6334
PCI Solution Provider

Qualys

Qualys VM is a cloud service that gives you immediate, global visibility into where your IT systems might be vulnerable…

Read More

Location
Global PCI DSS Solutions
Rating
0 / 5
Views
4030
PCI Solution Provider

Saint

SAINT is certified (#4268-01-08) by the PCI Security Standards Council as an Approved Scanning Vendor (ASV). As an ASV, SAINT…

Read More

Location
Global PCI DSS Solutions
Rating
0 / 5
Views
3418
PCI Solution Provider

Comodo

Our dependence on computers and the Internet grows with each passing day, and so, too, does our vulnerability. The threats,…

Read More

PCI Solution Provider

Sensepost

SensePost Managed Vulnerability Scanning (MVS) is a fully Managed Vulnerability Scanning service supported by SensePost and designed for the enterprise.…

Read More

Location
Global PCI DSS Solutions
Rating
0 / 5
Views
2643