PCI Requirement 11.5

The Payment Card Industry Data Security Standard (PCI DSS) Audit reports provide available documentation and compliance artifacts that help you demonstrate compliance with requirements of the PCI DSS.

The PCI Requirement 11.5 report provides guidance on how to access File Integrity Monitoring (FIM) features that help you demonstrate compliance with Requirement 11.5.

To access the PCI Requirement 11.5 report:

  1. In the Alert Logic console, click the menu icon (), and then click Validate.
  2. Click Reports, and then click Compliance.
  3. Under PCI DSS Audit, click VIEW.
  4. Click PCI Requirement 11.5.

The report summary page displays two columns. Testing Procedures lists each procedure that is required for testing the selected PCI requirement. Available Documentation and Artifacts describes, and contains links to, the documentation and compliance artifacts that this report can demonstrate compliance with each testing procedure.

Schedule the report

After you finish setting up the report, you can use CREATE REPORT to run it periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. To learn how to schedule the report and subscribe notification recipients, see Scheduled Reports and Notifications.

Available Documentation and Artifacts

This report provides you with quick access to the FIM configuration, events, and notifications that help you demonstrate that your organization deploys a change-detection mechanism (for example, file-integrity monitoring tools) to alert personnel to unauthorized modification (including changes, additions, and deletions) of critical system files, configuration files, or content files; and configured the software to perform critical comparisons weekly.

Testing procedure for PCI 11.5.a

This testing procedure requires you to prove that your organization verifies the use of a change-detection mechanism by observing system settings and monitored files, as well as reviewing results from monitoring activities.

This section provides you with a link for quick access to the Get Started with Alert Logic Deployments page in the Alert Logic console where you can view the FIM section for configured monitoring file paths in a specific deployment. You can use this information to demonstrate that processes are in place to verify the use of a change-detection mechanism.

This section also provides you with a link for quick access to the File Integrity Monitoring Dashboard in the Alert Logic console where you can view or export changes to your monitored software and configuration files. You can use this information to demonstrate that processes are in place to verify tthe use of a change-detection mechanism.

Testing procedure for PCI 11.5.b

This testing procedure requires you to prove that your organization verifies the mechanism is configured to alert personnel to unauthorized modification (including changes, additions, and deletions) of critical files, and to perform critical file comparisons at least weekly.

This sections provides you with a link for quick access to the File Integrity Monitoring Search Notification page in the Alert Logic console where you can view the list of users configured to receive FIM scheduled search notifications.