News

ManageEngine SIEM Solution Offers Out-of-the-Box Reporting for PCI DSS 3.0

EventLog Analyzer Provides Audit-Readiness for PCI DSS 3.0 Requirements 10, 11.5

PLEASANTON, Calif. - October 13, 2014 - ManageEngine, the real-time IT management company, today announced the addition of Payment Card Industry Data Security Standard (PCI DSS) 3.0 compliance reporting to EventLog Analyzer, its security information and event management (SIEM) software. The move makes EventLog Analyzer users audit-ready to meet the payment card safeguards defined by PCI DSS 3.0 requirements 10 and 11.5. The ManageEngine white paper on PCI DSS 3.0 is available for download at https://www.manageengine.com/eventlog/pci-dss-compliance-whitepaper.html.

PCI DSS 3.0 became active on January 1, 2014, establishing 12 security requirements that concern the protection of payment card data. Businesses that accept, store, process or transmit customers’ card data must adhere to the 12 requirements by January 1, 2015. Businesses that do not comply with PCI DSS 3.0 requirements will face penalties ranging from heavy fines to forfeiture of their licenses to process payment card transactions. Most importantly, the brand and reputation of a business will suffer if a data breach affects its customers’ payment card data.

“PCI DSS 3.0 compliance has become a crucial security element,” said Chenthil Kumaran, product manager at ManageEngine. “The recent payment card data breaches at retail giants such as Target and Home Depot have elevated the need for organizations from various industries to secure their customers’ payment card data from threats.”

Fulfilling PCI DSS 3.0 Requirements 10 and 11.5 with EventLog Analyzer

PCI DSS 3.0 requirements 10 and 11.5 are considered to be the most challenging to fulfill for securing and protecting customers’ payment card data from threats. PCI DSS 3.0 requirement 10 pushes enterprises to gain security intelligence to know the “who, what, where and when” of users accessing the network resources and cardholder data, whereas PCI DSS 3.0 requirement 11.5 focuses on the protection of critical files from unauthorized access.

  • Out-of-the-box reporting and requirement 10 EventLog Analyzer easily fulfills the PCI DSS 3.0 requirement 10 with the addition of out-of-the-box reporting, which enables analysis of the complete user audit trail to identify who is logging into their systems, when they logged into the systems and what activities they carried out on the systems.
  • File integrity monitoring and requirement 11.5 EventLog Analyzer’s new file integrity monitoring (FIM) reporting feature fulfills PCI DSS 3.0 requirement 11.5. Now, businesses can track all changes happening to their files in real time such as when payment card data files are accessed, modified, deleted, renamed and created. The file integrity monitoring capability is also intelligent and can reveal the name of the person who made changes to the files.

The out-of-the-box PCI DSS 3.0 security report provided by EventLog Analyzer lists down the PCI DSS 3.0 sections in a systematic manner with the relevant sub-reports supporting those sections. This PCI DSS 3.0 compliance reporting tool also helps IT security managers effectively conduct log forensics investigations, generate security reports, monitor user activities, monitor servers, correlate events, receive alerts during anomalous activities and much more.

Pricing and Availability

EventLog Analyzer prices start at $795, and a fully functional, 30-day trial version is available for download at https://www.manageengine.com/products/eventlog/download.html.

For more information on EventLog Analyzer, please visit http://www.eventloganalyzer.com/. For more information on ManageEngine, please visit http://buzz.manageengine.com/; follow the company blog at http://blogs.manageengine.com/; on Facebook at http://www.facebook.com/ManageEngine and on Twitter at @ManageEngine.

About EventLog Analyzer

ManageEngine EventLog Analyzer is a web-based, real-time, log monitoring and compliance management solution for security information and event management (SIEM) that improves internal network security and helps organizations comply with the latest IT audit requirements. For more information on ManageEngine EventLog Analyzer, please visit http://www.eventloganalyzer.com/.

About ManageEngine

ManageEngine delivers the real-time IT management tools that empower an IT team to meet an organization’s need for real-time services and support. Worldwide, more than 90,000 established and emerging customers 3—4 including more than 60 percent of the Fortune 500 3—4 rely on ManageEngine products to ensure the optimal performance of their critical IT infrastructure, including networks, servers, applications, desktops and more. Another 300,000-plus admins optimize their IT using the free editions of ManageEngine products. ManageEngine is a division of Zoho Corporation with offices worldwide, including the United States, United Kingdom, India, Japan and China. For more information, please visit http://buzz.manageengine.com/; follow the company blog at http://blogs.manageengine.com/; on Facebook at http://www.facebook.com/ManageEngine and on Twitter at @ManageEngine.

Media Contact:

Avinash Kagava
ManageEngine
avinash.kagava@manageengine.com
Follow us on Twitter: @manageengine