PCI-DSS Auditing Linux, Apache, PHP, & MySQL With Nessus 4
by Paul Asadoorian on April 16, 2009
PCI-DSS Scanning
The effectiveness of the Payment Card Industry (PCI) standards to secure systems responsible for credit card transaction processing is a question of debate among information security professionals. Regardless of the hype or negativity surrounding PCI, it remains a requirement for many organizations to follow. Nessus has built-in PCI-DSS compliance checks that compare scan results with the PCI standards and produce a report on your compliance posture. It is very important to note that a successful compliance scan does not guarantee compliance or a secure infrastructure. Compliance scanning is just one tool to be used as part of a comprehensive program that includes the appropriate policies and procedures to ensure that assets are appropriately protected.