Penetration Testing mailing list archives

Re: nessus to PCI

From: David Rice <drice39 () cox net>
Date: Wed, 22 Jun 2005 17:58:56 -0700

Mr Wizard wrote:

Unless you can get the Nessus Open Source Vulnerability Scanner
project team to certify Nessus with the Visa & MasterCard PCI program,
I would not advise using this tool for client engagements.

Mr. Wizard.

On 6/22/05, Vic N <vic778 () hotmail com> wrote:

Can you be more specific?  Is this PCI 1.0?  And are you talking about a
specific section like section 1 or other sections?

Has anyone had any luck mapping nessus results to the Payment Card Industry
(PCI) Data Security standard?

I didn't think you could use GNU or open source code for PCI audits andstandards.

Current thread:

nessus to PCI ctodude (Jun 21)
- nessus to PCI Vic N (Jun 22)
  - Re: nessus to PCI Mr Wizard (Jun 22)
    - Re: nessus to PCI Renaud Deraison (Jun 22)
    - Re: nessus to PCI Michael Hammer (Jun 22)
    - RE: nessus to PCI Dan Tesch (Jun 22)
    - Re: nessus to PCI David Rice (Jun 22)
- RE: nessus to PCI Vic N (Jun 23)
- <Possible follow-ups>
- RE: nessus to PCI Burnett, Robert (Jun 21)
- RE: nessus to PCI cdewitt (Jun 22)