New release of Splunk App for PCI Compliance

Splunk Inc., provider of software for real-time operational intelligence, has announced the general availability of the Splunk App for PCI Compliance 2.0. The Splunk App for PCI Compliance is for any organisation looking for a simple, intuitive reporting and analysis solution that satisfies the requirements for Payment Card Industry (PCI) compliance. Together, the Splunk App for PCI Compliance and Splunk Enterprise combine to create a highly scalable investigation and forensics platform as an integral part of an overall security strategy.

"The Splunk App for PCI Compliance was developed to make PCI compliance as easy as possible for businesses," said Mark Seward, senior director of security and compliance marketing, Splunk. "Collecting and retaining data for audits is a daunting task, particularly since most PCI solutions require significant data normalisation to deal with the wide variety of operational and security data formats. The Splunk App for PCI Compliance solves this challenge with out-of-the-box content for reporting and real-time monitoring of the enterprise."

PCI compliance is a requirement for any organisation that accepts credit cards. The PCI Data Security Standard (DSS) is the gold standard in the industry for securing this sensitive data and reducing credit card fraud.

The Splunk App for PCI Compliance 2.0 includes:

  • High-level scorecards and reports for each PCI requirement
  • Simple visualisations for indicating PCI compliance issues
  • Prioritisation of in-scope assets
  • Operational, security and incident review and workflow capabilities
  • Audit trail for log review and report accesses

Unlike most security and information event management (SIEM) products that supply their PCI solution as a stack of additional reports on top of their SIEM, the Splunk App and the core Splunk Enterprise software can be a complete stand-alone solution for PCI compliance provided as a powerful yet simple to use solution with incident review workflow, asset threat prioritisation and requirement scorecards for PCI compliance.

Organisations that need to be PCI compliant but don't want to implement a traditional SIEM solution find the Splunk App for PCI Compliance particularly beneficial to their security efforts. It is a good fit when PCI DSS compliance needs to be viewed separately from a SIEM or when it is desirable to have a single, simple solution to track operational, security and compliance activities.

"The on-the-fly report creation of the Splunk App for PCI Compliance combined with real-time monitoring views support continuous compliance for PCI and reflect the vision of data-driven security," said Scott Crawford, managing research director of security and risk, Enterprise Management Associates.

Customers in a wide variety of industries and organisations participated in the beta program by using the App for PCI log management, reporting and incident tracking.

"Our managed service customers hold us responsible for maintaining PCI compliance," said Ryan McFadden, managed services operations specialist, Tessitura Network. "The Splunk App for PCI Compliance helps us know where we are with PCI compliance, not only at audit time, but also in real-time, at any given moment."

"Beyond supporting daily log review, the Splunk App organises the data in a way that makes PCI posture easy to understand for executives," said Jim VanLandeghem, Internet Systems Administrator, Baker College.

 

Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter