Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Integrated vendor network for security as a service

Qualys : 23 April, 2009  (Company News)
InfoSecurity Europe will see Qualys unveiling QualysGuard PCI Connect for delivering vendor connectivity for secure software as a service
Qualys has announced QualysGuard PCI Connect which is the industry's first Software-as-as-Service (SaaS) environment for PCI compliance connecting merchants to multiple partners and security solutions in order to document and meet all 12 requirements for PCI DSS. Qualys is unveiling this new product at the Infosecurity Europe tradeshow next week at Earls Court, London on Stand H70.

QualysGuard PCI Connect is an on demand environment bringing together multiple security solutions into one unified end-to-end business application for PCI DSS compliance and validation. As a new addition to the widely adopted QualysGuard PCI service, PCI Connect streamlines business operations related to PCI compliance and validation for merchants and acquirers all from a combined collaborative application with automated report sharing and distribution. PCI compliance status and tracking is performed on an ongoing basis. Merchants who use QualysGuard PCI Connect can easily identify areas where they may not be meeting compliance requirements. Acquirers who use QualysGuard PCI Connect can easily evaluate whether merchants have met PCI requirements and whether sufficient evidence has been submitted for validation.

"At Merchant e-Solutions we are striving to have all our merchants compliant in 2009 and we are constantly searching for solutions that will complement our internal PCI DSS administration infrastructure," said Jim Aviles, manager of products and technology for Merchant e-Solutions, a provider of traditional and internet-based payment services for banks and merchants. "QualysGuard PCI Connect will give our e-commerce merchants an easy-to-use tool to conduct vulnerability scans and document PCI compliance at a lower cost, it will also enable us to integrate the tracking and validation of their compliance status."

QualysGuard PCI Connect is an open platform with XML APIs that allows partners and solution providers to provide automated data feeds into QualysGuard PCI Connect to demonstrate compliance. In addition, merchants will be able to identify gaps in the PCI compliance program and easily connect to security solutions that can meet their needs.

"Compliance with the PCI data security standard is a continuous process, and not a one-time event," said Avivah Litan, VP and distinguished analyst, Gartner Inc. "Security monitoring should be a continuous process and automated as much as possible so that human analysis and intervention is focused on high risk activities."

QualysGuard PCI Connect offers merchants and acquires the following benefits:

- Automates the collection of data for validations PCI DSS compliance
- Merchants see detailed results including related evidence for all requirements of PCI throughout the entire organization when answering SAQ
- Provides workflow for merchants to track comprehensive compliance status on an ongoing basis
- Open API to work with any security solution or vendor
- Acquiring bank has additional security controls of merchants when validating merchants for compliance

At the RSA Conference, six security vendors that provide PCI DSS solutions have partnered with Qualys to provide automated data feeds into QualysGuard PCI Connect. These partners include:

- AirTight Networks is integrating its SpectraGuard Online service, the only WIPS offered as SaaS today, into QualysGuard PCI Connect. SpectraGuard Online automates compliance with PCI Requirement 11.1 that mandates a minimum quarterly wireless scan of all locations or the deployment of a wireless IDS/IPS.

- Core Security Technologies' flagship IMPACT Pro is the leading commercial-grade penetration testing software solution on the market today. Merchants looking to comply with requirement 11.3 of the PCI mandate, which calls for regular penetration testing, use Core IMPACT Pro for robust, repeatable and measurable assessment of their networks and Web applications.

- Imperva SecureSphere Data Security Suite addresses PCI DSS section 6.6 via Web Application Firewall and sections 10 and 3.4 via database activity monitoring and database firewall solutions.

- RedSeal Systems automatically analyzes how firewalls and routers work together to grant or prohibit access to every point within an organization's network. Using this information, it validates if a network configuration complies with the network security requirements of PCI DSS requirement 1.

- Splunk provides an overall view of your PCI compliance posture across all requirements. Specifically: PCI log management, file integrity monitoring and control reporting. PCI DSS Requirements, 7.1, 10.2, 10.5, 10.6, 10.7, 11.5

- Third Brigade provides comprehensive server and application protection, including integrity monitoring, IDS/IPS, Web application protection, application control, stateful firewall and log inspection, in a modular, centrally-managed software solution that addresses PCI DSS requirements 1, 2, 6, 10, 11, and 12.

"Listening to our customers who are dealing with PCI DSS, it became clear to us that a centralized solution to collect the data for various PCI requirements was needed to streamline the process and give merchants more technology options for PCI validation, " said Philippe Courtot, CEO and chairman of Qualys. "We are thrilled to work with all the leading PCI DSS solution providers to deliver such a collaborative solution for merchants and acquirers to facilitate, manage and track PCI compliance at all levels."

QualysGuard PCI Connect is an extension for the QualysGuard PCI on demand platform that provides businesses, online merchants and acquirers with the easiest, most cost-effective and highly automated way to validate PCI DSS compliance. Qualys is an Approved Scanning Vendor (ASV), and is fully certified to assess PCI DSS compliance. Currently, 68 percent of all PCI DSS ASVs and 49 percent of QSAs utilize QualysGuard to deliver PCI certification and automated Web application scanning to their global clients.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo