Overview »
PCI Requirements Matrix »
PCI reporting tour »
PCI Compliance: A technology overview »
Passing an information security audit »

PCI compliance with StillSecure products and services

StillSecure has helped numerous organizations comply with PCI and other info-security regulations. StillSecure product solutions, managed security services, and consulting services help you comply with 8 of the 12 top-level PCI requirements and dozens of specific sub-requirements, as shown in the PCI Coverage table, below. Our PCI Requirements / Solutions Matrix page describes in detail how StillSecure meets each of the requirements listed in the coverage table.


Figure 1. StillSecure's PCI compliance solutions provide coverage for 8 of the 12 PCI requirements as indicated by the StillSecure stoplight


PCI Coverage Table

See our PCI Requirements/Solutions Matrix page for specific details on coverage.

StillSecure solutionPCI DSS requirement met
Managed Security Services (ProtectPoint™) 1.1.1, 1.1.2, 1.1.3, 1.1.5, 1.1.6, 1.2, 1.2.1, 1.2.3, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.3.8, 1.4
2.1, 2.1.1, 2.2, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.3
4.1
6.1, 6.6
8.3
11.2, 11.3, 11.3.1, 11.3.2, 11.4
12.2, 12.5.1, 12.5.2, 12.9.3, 12.9.4, 12.9.5, 12.9.6
Network Access Control (NAC) (Safe Access®) 1.4
2.2, 2.2.3
5.1, 5.2
6.1
12.2, 12.5.1, 12.5.2
Intrusion detection/prevention (Strata Guard®) 11.4
12.5.2, 12.9.5
Vulnerability management (VAM®)) 1.4
2.1, 2.1.1, 2.2, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.3
6.1, 6.2, 6.6
11.2, 11.3, 11.3.1, 11.3.2
12.2, 12.5.1, 12.5.2

The StillSecure solution set for PCI Compliance provides merchants and processors with the basic and advanced security technologies in a number of required areas:

  • Firewall (StillSecure ProtectPoint® managed services)
  • Gateway anti-virus (StillSecure ProtectPoint managed services)
  • Intrusion detection prevention (StillSecure Strata Guard® and ProtectPoint managed services)
  • Network access control (StillSecure Safe Access®)
  • Routing services (StillSecure ProtectPoint managed services)
  • VPN (StillSecure ProtectPoint managed services)
  • Vulnerability scanning (StillSecure VAM® and managed services)

The suite of solutions is policy-driven, allowing organization-specific security policies to be configured and followed. All StillSecure products and managed services are open-standards based solutions that can share and act on data between solutions and with other systems in the IT environment — a key factor for success in any PCI compliance program.





PCI Compliance Resource Center

Whitepaper: PCI Compliance: A Technology Overview Download »
StillSecure/PCI Compliance Matrix: web page » or PDF »
Video Presentation: The Experts Behind Compliance Go »
Press release: StillSecure Ensures Compliance With New
    PCI DSS Wireless Guidelines Go »
Whitepaper: Passing an Information Security Audit Download »
PCI DSS Wireless Guideline Download »
Podcast: Wireless Compliance

StillSecure PCI services and solutions overview

Consulting services for PCI compliance

StillSecure offers consulting services specifically designed to help you address the challenge of PCI compliance. For organizations that have already achieved PCI compliance, or are currently in the process of doing so, StillSecure offers a range of services to fill internal gaps. Activities include:

  • Identifying the scope of the technical environment relevant to PCI
  • Identifying the gaps in policies, procedures, and technical implementations
  • Defining a specific action plan for achieving compliance that includes budgets, timelines, and resource plans
  • Executing identified remediation tasks and develop required documentation, including policies and compensating controls
  • Consult on the assessment and certification process, assisting with response to QSAs and partner organizations.

Managed security services:

ProtectPoint™ - Best-in-class managed security services that protect you from internet attack, stopping unauthorized access and preventing worms, trojans, and viruses from taking down your network. Subscription-based ProtectPoint services deliver both the technology and the round-the-clock expertise needed to protect your network and bring you into compliance with data security policies. Services include managed intrusion detection/prevention, firewall, gateway anti-virus, VPN, content filtering, anti-spam, and vulnerability scanning.

Network access control:

Safe Access® - Awarded the Best Endpoint Security Solution 2008 (and 2006) by SC Magazine (and named an SC Magazine "Best Buy"), Safe Access protects the network by ensuring endpoint devices are free from threats and in compliance with security policies before they are allowed on the network.

Intrusion detection/prevention:

Strata Guard® - Strata Guard is an award-winning network-based intrusion detection/prevention system (IPS/IDS) that provides real-time, zero-day protection from network attacks and malicious traffic. Strata Guard can also be utilized in a "post-connect" NAC scenario to quarantine devices generating malicious traffic.

Vulnerability management:

VAM® - An award-winning vulnerability management platform that identifies, tracks, and manages the repair of network vulnerabilities across the enterprise, VAM manages the vulnerability lifecycle from end to end, mitigating the risk of network exploitation and compromise.

PCI reports tour

Launch tour »