You are here: Docs>Sheriff Web>UserGuides>SheriffCSMDocumentation>UserGuide>UsingSheriffCSMForPCICompliance>PCIDSS32Requirement3 (29 Apr 2022, SheriffCyberSecurity)Edit Attach
Up
Previous Next

Sheriff CSMâ„¢

PCI DSS 3.2 Requirement 3: Protect Stored Cardholder Data

Testing Procedure How Sheriff CSM Delivers Sheriff CSM Instructions Sheriff CSM Documentation
3.4.b Examine several tables or files from a sample of data repositories to verify the PAN (Primary Account Number) is rendered unreadable (that is, not stored in plain-text). Sheriff NIDS is capable of detecting PAN in NIDS traffic in plaintext, and alerts on it. Existing correlation directives will generate alarms on credit card information detected in clear text. Event Correlation
To verify that credit card data is not being stored in plain text, create a Security Events View with the search on Event Name containing "Credit Card". And then export the view as report module and run the report. Create Custom Reports from SIEM Events
3.4.d Examine a sample of audit logs, including payment application logs, to confirm that PAN is rendered unreadable or is not present in the logs. Sheriff NIDS is capable of detecting PAN in NIDS traffic in plaintext, and alerts on it.

If a PAN is detected, it is recorded in plaintext in multiple places. It is not automatically removed or otherwise encoded. Manual removal of PAN from logs and DB is required.		 Existing correlation directives will generate alarms on credit card information detected in clear text. Event Correlation
To verify that credit card data is not being stored in plain text, create a Security Events View with the search on Event Name containing "Credit Card". And then export the view as report module and run the report. Create Custom Reports from SIEM Events
Edit  | Attach | Print version | History: r9 < r8 < r7 < r6 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r9 - 29 Apr 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.