Apps/Tags used by the PCI Application

This is a list of tags that are used in the PCI application, in addition to the tags from the common information model.

• cardholder - Touches or contains cardholder information or traffic
• cardholder-dest - Cardholder data coming in
• cardholder-src - Cardholder data going out
• default-username - System accounts that are created by default and should rarely be used
• dest-whitelist - Destinations that are considered safe, typically local network addresses
• dmz-dest - Traffic heading to the DMZ
• dmz-src - Traffic coming from the DMZ
• external-dest - Traffic coming from outside the environment
• external-src - Traffic coming from inside the environment
• insecure - Traffic or events that are considered insecure in some way
• insecure-application - Traffic or events involving an application that is considered insecure
• insecure-ports - Traffic traveling through insecure ports, such as those that aren¿t encrypted
• internal-dest - Traffic headed into the environment
• internal-src - Traffic coming from the environment
• pci - Related to PCI issues
• service_account - An account related to a particular system service, and that therefore no one should be logging into
• src-whitelist - Sources that are considered safe, typically local network addresses
• terminated - Accounts that have been removed, and therefore shouldn¿t be in use
• wireless - Touches a wireless network or device in some way
• wireless-dest - Coming from a wireless network or device
• wireless-src - Heading toward a wireless network or device