OSSEC and PCI DSS Compliance

Posted on May 3, 2018 by Mike Shinn

If you take credit cards, you need to be PCI compliant. That is why adhering to the over 250 requirements set by the Payment Credit Industry is a headache for millions of businesses worldwide. Casey Priester of Prometheus Global addressed these pain points in his presentation at the OSSEC Conference 2018. He discussed how OSSEC can work within a compliance framework, whether it be PCI DSS, HIPPA or any other regulatory set.

In his presentation, Priester highlighted three specific OSSEC components that support PCI compliance:

Sys check
Rootcheck
Logcollector / analysid.

Each one can be configured to give organizations greater visibility and security to make compliance easier. However, although OSSEC has the technical backbone to meet various requirements, it is an open-source solution. Each component still needs to be tailored to meet the needs of the organization. Priester gives specific examples of how OSSEC can be configured to meet certain requirements in his presentation, giving a small glimpse of OSSEC’s greater potential in meeting regulatory standards. To watch the full presentation, click the video below or you can download the presentation slides here.

To see more presentations and videos from OSSEC Conference 2018, click the button below.

Show Me More

Atomic Products For Workload Security and Compliance

Built on the open source foundation of OSSEC, Atomicorp offers comprehensive host intrusion detection, attack protection and compliance all in a single unified platform that runs anywhere.

Atomicorp protects critical workloads in the cloud, the data center and in hybrid environments.

Learn More