News
Qualys Releases QualysGuard PCI 5.0
September 2010 by Marc Jacob
Qualys®, Inc., the provider of on demand IT security risk and compliance management solutions, today announced QualysGuard PCI5.0,giving customers a simplified way to meet the latest Payment Card Industry Data Security Standard (PCI DSS) compliance requirements. It includes updates following newApproved Scanning Vendor(ASV) requirements released in March 2010, and a simplified user interface (UI) with workflows – helping customers easily and accurately detect security vulnerabilities, and efficiently remediate issues for PCI compliance.
Built on the same highly accurate scanning infrastructure as QualysGuard Vulnerability Management (VM), QualysGuard PCI is the leading PCI compliance solution used by 68percent of all ASVs and 46 percent of Qualified Security Assessors (QSAs) to help merchants with PCI DSS certification and validation. QualysGuard PCI5.0 streamlines the process with a new easyto- follow wizard-driven UI guiding customers through answeringthe Self-Assessment Questionnaire (SAQ), running compliance scans, remediating network and web application vulnerabilities, and documenting proof of compliance for onlinesubmission to acquiring banks.
New QualysGuard PCI 5.0 features include:
– Dashboard Homepage. The new home page is a starting hub for all the important workflows like asset wizard, SAQ wizard or starting a scan. It instantly provides users with the status of compliance, including percentage of hosts that pass and counts of high, medium and low vulnerabilities.
– Asset Scoping Wizard. A new workflow has been added to walk customers through the process of identifying IPs and domains that are in scope for PCI compliance.
– Compliance Wizard.Customers are required to work with ASVs to confirm on a quarterly basis that reports adhere to PCI DSS requirements for scoping, false positive documentation and scan completeness.The new compliance wizard helps customersthrougheach step of the process in an informative manner, presenting whatthe user needsto complete to generate the compliance report, including special notes, the consolidated action plan andfilling out the mandatory merchant attestation.
– Interactive Reports.The ASV scanreport now includes a new format with additional content, revised scoring terminology (High, Medium and Low), and sections for attestations.The report isfully interactive as it highlights confirmed and potential vulnerabilities, with sliding panels for detailed informationand quick filters to search and sort on various criteria instantly.
– False Positives Reporting. Approved false positivesmust be revalidated by the ASVs on a quarterly basis. New workflows now provide an easy-to-use interface to identify these false positives and resubmit them for approval every 90 days.
Pricing and Availability:
QualysGuard PCI 5.0 is now available in production.
GOLD SPONSOR
