Requirement 11: Regularly test security systems and processes
Vulnerabilities are continually being discovered by hackers and researchers and more such flaws are also introduced by new software. Systems, processes, and custom software should be tested frequently to ensure security is maintained over time and through changes. The following table lists the specific sub-requirements in Requirement 11 that are addressed by TIBCO LogLogic® Compliance Suite - PCI Edition.
| Requirement 11 | Regularly test security systems and processes |
|---|---|
| 11.4 | Use network intrusion detection systems, host-based intrusion detection systems, and intrusion prevention systems to monitor all network traffic and alert personnel to suspected compromises. Keep all intrusion detection and prevention engines up to date. |
| 11.5 | Deploy file integrity monitoring software to alert personnel to unauthorized modification of critical system or content files; and configure the software to perform critical file comparisons at least weekly. |
| 11.6 | Ensure that security policies and operational procedures for managing vendor defaults and other security parameters are documented, in use, and known to all affected parties. Update: v3.0 November 2013. |
Copyright © Cloud Software Group, Inc. All rights reserved.