Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Solutions for PCI DSSAssess and Monitor PCI Compliance

PCI security standards impact virtually every organization involved with credit card processing, including merchants, financial institutions, point-of-sale vendors and hardware/software developers involved in processing payments. Because payment card information is one of the most appealing targets for attackers, protecting payment card transactions and cardholder data (CHD) is crucial.

Potential impact of a credit card breach:

  • Lost confidence, so customers go to other merchants
  • Legal costs, settlements and judgments
  • Diminished sales
  • Fines and penalties
  • Cost of reissuing new payment cards
  • Termination of ability to accept payment cards
  • Fraud losses
  • Lost jobs (CISO, CIO, CEO and dependent professional positions)
  • Higher subsequent costs of compliance
  • Going out of business

Maintaining compliance continues to be a challenge for organizations. Nearly half (47.5%) of the organizations assessed for interim PCI DSS compliance validation had not maintained all DSS controls.

2018 Payment Security Report, Verizon.

Benefits of The Solution

Assess In-scope Assets

In-scope Assets

Covers virtually all in-scope assets in cardholder data environments, including servers, databases, web applications and network devices.

Streamline Compliance Documentation

Streamline Compliance Documentation

Simplifies the work of documenting compliance status with out-of-box scan and reports templates.

Boost Productivity


Accelerates security risk assessment to quickly identify and prioritize vulnerabilities and misconfigurations.

Reduce Administration Costs

Administration Costs

Eliminate internal hosting and administration costs with Tenable.io, hosted in the cloud.

The Tenable solution starts with a foundation of Tenable.sc or Tenable.io, and then builds on the foundation by adding Tenable.io PCI ASV and Tenable.io Web Application Scanning, as needs require.

Asset 14
Asset 11
Asset 12
Configuration Compliance
(PCI DSS 2.2)
Asset 14checkmark
Asset 11
Asset 12
Establish a process to identify security vulnerabilities and assign a risk rating to newly discovered vulnerabilities
(PCI DSS 6.1)
Asset 14checkmark
Asset 11
Asset 12checkmark
Ensure that all system components and software are protected from known vulnerabilities by installing vendor-supplied security patches.
(PCI DSS 6.2)
Asset 14checkmark
Asset 11
Asset 12
For public-facing web applications, address new threats and vulnerabilities on an ongoing basis.
(PCI DSS 6.6)
Asset 14
Asset 11
Asset 12checkmark
Internal Vulnerability Scanning
(PCI DSS 11.2.1)
Asset 14checkmark
Asset 11
Asset 12
External Vulnerability Scanning
(PCI DSS 11.2.2)
Asset 14
Asset 11checkmark
Asset 12
Asset 14More Info
Tenable.ioMore Info
Asset 11More Info
Asset 12More Info
  • Asset 14
  • Tenable.io
  • Asset 11
  • Asset 12

Tenable.sc(™), the on-premises Cyber Exposure platform, evaluates vulnerability and configuration data across the cardholder data environment. Prioritize security risks and provide clear insight into PCI DSS compliance.

This comprehensive PCI DSS solution provides the continuous visibility, critical context and actionable intelligence service providers and merchants need to monitor PCI technical controls, year-round.

  • Automate host activity data collection and review. Identify threats to cardholder data in near real-time.
  • Maintain compliance between assessments.
  • Measure and communicate your PCI compliance program status with all stakeholders.
Schedule a Demo Learn More

Tenable.io®, the cloud-based Cyber Exposure platform, helps protect cardholder data whether it is being captured by an ecommerce website, or stored on-premises or in the cloud.

Tenable.io and available applications address multiple PCI DSS compliance requirements to help organizations measure and manage cyber risk well beyond the assets that are in scope for PCI DSS. Tenable.io eliminates blind spots with the industry’s most comprehensive visibility into traditional and modern assets, such as cloud, mobile devices, containers and web applications.

  • Identify and prioritize vulnerabilities and misconfigurations across modern assets.
  • Integrate with ITSM solutions to streamline remediation workflows.
  • Verify that patches have remediated vulnerabilities.
免费试用 立即购买

Tenable.io® PCI ASV, an add-on to Tenable.io®, streamlines verification of adherence with the PCI Data Security Standard 11.2.2 requirement for external vulnerability scanning.

Pre-configured scan templates and an efficient evidence/dispute resolution process lets you quickly run scans, submit attestation requests and resolve disputes.

  • Meet quarterly PCI ASV scanning requirements with minimal impact on staff resources.
  • Scan yassets when convenient for your organization, and rescan as needed to obtain a result that is ready for review.
  • Streamline the resolution process by batching disputes and reusing previously submitted dispute documentation.
Try for FreeDownload the Data Sheet

Tenable.io® Web Application Scanning delivers safe and automated vulnerability scanning for your in-scope web applications.

Tenable.io Web Application Scanning 能安全、精准、自动扫描您的 Web 应用程序,让您洞察各种漏洞和有价值的运行环境,以确定修复的优先顺序。

  • Understand the sitemap applications layouts to identify in-scope web application
  • Scan HTML5 and single page applications, along with traditional HTML apps.
  • Enable highly automated no-touch scans for continuous protection. Easily define the frequency of automated testing.
免费试用 立即购买

Content Needed


Addressing PCI DSS with Tenable.io


How to Enable Continuous PCI DSS Compliance Monitoring


Tenable.io PCI ASV 认证

免费试用 立即购买

选择 Tenable.io

免费试用 60 天

可全面访问基于云的现代化漏洞管理平台,从而以无可比拟的精确度发现并追踪所有资产。 立即注册并在 60 秒内运行第一次扫描。

立即购买 Tenable.io

可全面访问基于云的现代化漏洞管理平台,从而以无可比拟的精确度发现并追踪所有资产。 立即购买年度订阅。

65 资产



免费试用 立即购买

免费试用 Nessus Professional

免费试用 7 天

Nessus® 是当今市场上功能最全面的漏洞扫描器。Nessus Professional 可帮助自动化漏洞扫描流程、节省合规周期的时间,并让您调动起 IT 团队的积极性。

购买 Nessus Professional

Nessus® 是当今市场上功能最全面的漏洞扫描器。Nessus Professional 可帮助自动化漏洞扫描流程、节省合规周期的时间,并让您调动起 IT 团队的积极性。


免费试用 立即购买

试用 Tenable.io Web Application Scanning

免费试用 60 天

完整享有专为现代化应用程序而设、属于 Tenable.io 平台组成部分的最新 Web 应用程序扫描功能。可安全扫描全部在线资产的漏洞,具有高度准确性,而且无需繁重的手动操作或中断关键的 Web 应用程序。 立即注册并在 60 秒内运行第一次扫描。

购买 Tenable.io Web Application Scanning

可全面访问基于云的现代化漏洞管理平台,从而以无可比拟的精确度发现并追踪所有资产。 立即购买年度订阅。




免费试用 联系销售人员

试用 Tenable.io Container Security

免费试用 60 天

完整获得已集成至漏洞管理平台之唯一容器安全产品的功能。监控容器映像中的漏洞、恶意软件和策略违规。与持续集成和持续部署 (CI/CD) 系统进行整合,以支持 DevOps 实践、增强安全性并支持企业政策合规。

购买 Tenable.io Container Security

Tenable.io Container Security 经由与构建流程的集成,可供全面了解容器映像的安全性,包括漏洞、恶意软件和策略违规,借以无缝且安全地启用 DevOps 流程。

了解有关 Industrial Security 的详情