OSSEC and PCI DSS Compliance
If you take credit cards, you need to be PCI compliant. That is why adhering to the over 250 requirements set by the Payment Credit Industry is a headache for millions of businesses worldwide. Casey Priester of Prometheus Global addressed these pain points in his presentation at the OSSEC Conference 2018. He discussed how OSSEC can work within a compliance framework, whether it be PCI DSS, HIPPA or any other regulatory set.
In his presentation, Priester highlighted three specific OSSEC components that support PCI compliance:
- Sys check
- Logcollector / analysid.
Each one can be configured to give organizations greater visibility and security to make compliance easier. However, although OSSEC has the technical backbone to meet various requirements, it is an open-source solution. Each component still needs to be tailored to meet the needs of the organization. Priester gives specific examples of how OSSEC can be configured to meet certain requirements in his presentation, giving a small glimpse of OSSEC’s greater potential in meeting regulatory standards. To watch the full presentation, click the video below or you can download the presentation slides here.
To see more presentations and videos from OSSEC Conference 2018, click the button below.