Meeting Compliance in the Cloud ≠ A Choice

by    •   April 20, 2017
posted in Compliance & Customer Requirements

In the past, we’ve talked about various ways that compliance can add value to your business. But what happens when you don’t attain or maintain compliance. (Note: In the following, we focus on PCI, but equally unpleasant consequences can result, of course, if you fail to meet other standards such as HIPAA, SOC 2, etc.). Read more “Meeting Compliance in the Cloud ≠ A Choice”

Demonstrating PCI Compliance Using Threat Stack

by    •   January 30, 2017
posted in Compliance & Customer Requirements, Threat Stack Product

PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council to protect cardholder data. Threat Stack customers frequently ask us how Threat Stack can help them comply with these two sets of requirements:

  • Requirement 10: Track and monitor all access to network resources and cardholder data (in other words, determine the who, what, where, and when)

  • Requirement 11: Regularly test security systems and processes (in order to continuously monitor and test security controls)

The good news is that the following Threat Stack features can provide significant benefits to customers who need to satisfy PCI Compliance Requirements 10 and 11:

  • Configuration Auditing
  • Vulnerability Scanning
  • Rules monitoring file integrity, logins, network access, and threat intelligence activity

In the remainder of this post, we’ll demonstrate how these can help you meet your PCI compliance and security goals. Read more “Demonstrating PCI Compliance Using Threat Stack”