PCI Compliance Done Right with Splunk

The New Year brings with it so much to look forward to and we are happy to bring even more to be excited about: a new release for the Splunk App for PCI Compliance. Starting January 11th, version 5.1 will be Generally Available. In this blog, let's review the main benefits of the Splunk App for PCI Compliance and highlight the improvements that version 5.1 brings.

What is PCI DSS?

At its core, the Splunk App for PCI Compliance is here to solve financial compliance use cases for the Payment Card Industry Data Security Standard. PCI DSS is an industry standard for organizations that transmit cardholder data. Relevant data can include: 

  • Credit cards
  • Debit and ATM cards
  • Point of sale (POS) systems


The PCI DSS standard protects cardholder data and minimizes the possibility of cardholder data theft and/or loss. PCI DSS requires that all merchants, service providers, and financial institutions meet minimum levels of security and monitoring of the systems in their cardholder data environment (CDE). The Data Security Standard is made up of 12 requirements that businesses are expected to comply with. 

How Splunk Helps

As you might expect, compliance can become a complicated process as your organizational complexity grows. This is where the PCI app, developed and supported by Splunk, comes in to help make your compliance journey an easy one. The Splunk App for PCI Compliance provides the compliance practitioner with visibility into compliance-relevant threats found in the cardholder data environment. You get a top-down and bottom-up view of your organization's current PCI compliance status, allowing a compliance specialist to effectively monitor, investigate, and report on compliance with current Payment Card Industry Data Security Standards.

So that sets the stage for what PCI Compliance is and why it is so important. Let’s dive into how Splunk helps solve the most challenging compliance issues. The Splunk PCI app builds on top of the Splunk platform to allow PCI practitioners to capture, monitor, and report on relevant data from any source: devices, systems, users, and applications in the cardholder data environment. This ability to comprehend data allows users to quickly investigate and resolve compliance issues.

Dashboard Overview

We all love dashboards at Splunk. Solving PCI use cases calls for more dashboards. The dashboards in the Splunk App for PCI Compliance provide both a high-level overview of your cardholder data environment and the ability to investigate specific events or compliance issues. Using the navigation bar at the top of the screen, you can access the PCI Compliance Posture, Incident Review, Scorecards, Reports, and other PCI compliance dashboards and resources.

Here is a quick overview of some of the dashboards you can access:

  • The PCI Compliance Posture dashboard provides a centralized overview of your current compliance status, both overall and by PCI requirement category. This dashboard is a centralized view of your requirement status, notable events, notable events by owner, notable events by requirements, notable events by urgency, and compliance status history. Use this dashboard to monitor your PCI compliance status daily. See PCI Compliance Posture dashboard for more information.
  • The Incident Review dashboard helps to identify threats and respond to those threats quickly. See Incident Review dashboard for more information.
  • Scorecards provide a daily log review and the ability to monitor each of the compliance areas. See Scorecards for more information.
  • The Reports provide reporting on each of the requirement areas of PCI compliance. These are provided as templates and can be customized. See Reports for more information.
  • The Audit dashboards validate continuous monitoring of the environment. Using these dashboards you can audit changes in the incident review dashboard, suppressions, forwarders, search, and view. See Audit dashboards for more information.
  • Resources: Use the Asset Center to identify assets included in your cardholder data environment, and the Identity Center to identify the identities.

Splunk App for PCI Compliance Version 5.1

Starting January 11th, version 5.1 of the Splunk App for PCI Compliance is Generally Available. The latest version is ready to make your PCI journey an easy one. As always, Splunk is here to help you at every step by providing you with:


Download the Splunk App for PCI Compliance today.

Happy Splunking!

Alex Salesi
