IDS mailing list archives
Re: PCI/DSS compliant Managed IDS
From: ebk_lists () hotmail com
Date: 23 Aug 2007 17:07:28 -0000
I'd vote yes: "Appendix says: As referenced in Requirement 12.8, all service providers with access to cardholder data (including hosting providers) must adhere to the PCI DSS. 12.8: 12.8 If cardholder data is shared with service providers, then contractually the following is required: 12.8.1 Service providers must adhere to the PCI DSS requirements 12.8.2 Agreement that includes an acknowledgement that the service provider is responsible for the security of cardholder data the provider possesses." If the monitoring of the IDS provide access to cardholder or transaction data, they must also be compliant. ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- PCI/DSS compliant Managed IDS marino . zini (Aug 23)
- RE: PCI/DSS compliant Managed IDS Craig Wright (Aug 24)
- RE: PCI/DSS compliant Managed IDS MH Michael Hammer (5304) (Aug 24)
- <Possible follow-ups>
- Re: PCI/DSS compliant Managed IDS ebk_lists (Aug 24)
- RE: PCI/DSS compliant Managed IDS Craig Wright (Aug 24)
- Re: PCI/DSS compliant Managed IDS vijay . upadhyaya (Aug 24)
- RE: PCI/DSS compliant Managed IDS Craig Wright (Aug 24)