PCI Requirement 10.2.4 – Invalid Logical Access Attempts
Is There a Log of That? Invalid logical access attempts are often an indication of a malicious user attempting to access something they…
Is There a Log of That? Invalid logical access attempts are often an indication of a malicious user attempting to access something they…
Examine Audit Trails PCI Requirement 10.2.3 requires that organizations implement automated audit trails to reconstruct access to audit trails. What’s the purpose of…
Root or Administrative Privileges Accounts that have root or administrative privileges have a greater chance of impacting the security and functionality of a…
Identifying Which Accounts Have Been Compromised PCI Requirement 10.2.1 requires that audit trails reconstruct all individual user accesses to cardholder data. What is…
What Do I Log? Because PCI Requirement 10 requires that logging mechanisms be enabled, we often hear clients ask, “What do I log?”…