Sub-Requirement 12.9.5

12.9.5 Implement an incident response plan. Be prepared to respond immediately to a system breach:

  • Include alerts from intrusion detection, intrusion prevention, and file integrity monitoring systems.

Illustrative Controls and the TIBCO LogLogic Solution

To satisfy this requirement, administrators must regularly review IDS logs and alerts. Events with the potential to adversely affect cardholder data or systems in the payment card environment must be investigated according to the procedures outlined in the incident response plan.

Reports and Alerts

For the reports and alerts that apply to requirement 12.9.5, see 12.9.5 on page 146.

Each Tripwire configuration will include critical files, data, and directories that are unique to each installation, so no pre-configured alerts are included for Tripwire. The included Tripwire report can be used to help baseline the environment and determine which alerts are required.