Every year there are billions of credit card transactions representing trillions of dollars in value. PCI DSS is the global data security standard that applies to organizations that store, process or transmit payment card data. Major credit card vendors formed the Payment Card Industry Security Standards Council (PCI SSC) which is responsible for managing and updating the PCI standard. PCI requires merchants to safeguard payment card data by maintaining prescribed practices and policies, including network security, password management, encryption, vulnerability management, endpoint protection, and security monitoring.
Partnering with a Managed Security Service Provider (MSSPs) addresses some of the key PCI requirements such as:
Proficio provides a range of services that align to the requirements of the PCI standard. Our Managed Firewall Service ensures the configuration of next-generation firewalls maximize perimeter security and restrict direct public access between the internet and any system component in the cardholder data environment. Proficio’s Active Defense automates blocking traffic to and from known malicious IP addresses. PCI also requires that organizations protect all systems against malware and regularly update anti-virus software. Proficio monitors endpoint security software and provides Managed Endpoint Detection and Response Services to further reduce the risk. Identifying vulnerabilities and applying patches based on risk ranking is another PCI mandate. Proficio provides a risk-based vulnerability management which combines vulnerability scanning, risk scoring, and remediation consulting to protect against the exploitation and compromise of cardholder data by malicious individuals and malicious software. Our managed OSSEC agent fulfills the need to collect Windows log data and monitor file integrity logs.
- Managed Detection and Response
- 24/7 Security Monitoring and Alerting
- AI-Based Threat Hunting
- MITRE ATT&CK Framework
- Expert Investigations and Guided Remediation
- Security Orchestration and Automated Response (SOAR)
- Integrated Threat Intelligence
- Gap Analysis and Risk Scoring
- Managed File Integrity Monitoring
- Managed Next-Generation Firewalls
- Risk-Based Vulnerability Management