AWS PCI-DSS 3.2

In this topic:

    As part of Dome9’s ongoing effort to automate the compliance assessment process, we are moving towards a unified compliance management framework. See more details here:

    Latest Updates

    Please note that with April release of the Compliance Engine Content, the PCI DSS bundle was updated.

    • Updates to Bundle names and descriptions

    • Unique check ID across various Bundles

    • Updated to control mappings to various compliance sections (updates to ‘Compliance Tags’)

    • Expanding and improving existing Dome9 Bundles by adding checks for new entities and applying GSL fixes

    The attached PDF file has a summary and detailed mapping of all the changes.

     

     

    Dome9 AWS PCI-DSS 3.2 Coverage

    Requirement #

    Dome9 Coverage

    Requirement 1

    Install and maintain a firewall configuration to protect cardholder data

    Requirements Dome9 can help you with:

    1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.6, 1.1.7, 1.2.1,1.3, 1.3.1, 1.3.2, 1.3.4, 1.3.5, 1.3.7

    Requirement 2

    Do not use vendor-supplied defaults for system passwords and other security parameters

    Requirements Dome9 can help you with: 2.1, 2.2, 2.3 2.2.2, 2.2.3

    Requirement 3

    Protect stored cardholder data

    Requirements Dome9 can help you with: 3.4.1, 3.5.3, 3.6.3, 3.6.4, 3.6.5

    Requirement 4

    Encrypt transmission of cardholder data across open, public networks

    Requirement Dome9 can help you with: 4.1

    Requirement 6

    Develop and maintain secure systems and applications

    Requirements Dome9 can help you with: 6.1, 6.2

    Requirement 7

    Restrict access to cardholder data by business need to know

    Requirements Dome9 can help you with: 7.1, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.2, 7.2.2, 7.2.3

    Requirement 8

    Assign a unique ID to each person with computer access

    Requirements Dome9 can help you with: 8.1, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.2, 8.2.4, 8.3.1, 8.3.1

    Requirement 10

    Track and monitor all access to network resources and cardholder data

    Requirements Dome9 can help you with:

    10.1, 10.2, 10.3, 10.5, 10.6

    Appendix A2

    Additional PCI DSS Requirements for Entities using SSL/early TLS

    Requirements Dome9 can help you with:

    A2.1, A2.2 ,A2.3