PCI DSS Requirement 11

The main requirement of PCI DSS is continuous monitoring of the security controls built into the CDE. Organizations should deploy a SIEM solution, but ensure that it can collect logs from all of the organization's security controls.

FIM solutions are specifically designed to monitor changes in files, in contrast to other security measures. Usually the program takes a "snapshot" of the system, and then regularly compares it to the current state of the system. It can alert IT or act to minimize the threat when it detects changes to files that suggest unauthorized intrusion.

The lack of proactive, robust protection dedicated to tracking network anomalies, such as intrusion detection systems (IDS) and intrusion prevention systems (IPS), is one of the reasons data breaches are so frequent.

PCI DSS mandates all merchants to check their environments for visible wireless access points on a quarterly basis to ensure that no uncontrolled wireless points are connected to the card data network and sensitive data within.

PCI Penetration testing is a type of ethical hacking that simulates a network and its systems being targeted.

A PCI vulnerability scan, whether internal or external, does not, like an antivirus software, traverse any network file. In order to check for vulnerabilities certain devices, such as internal or external IP addresses such as ports and services, must be configured.

File Integrity Monitoring (FIM) is the only PCI requirement to achieve safety in its purest form; preventing or alerting deviation from a well-known baseline.

Vulnerabilities are constantly found by malicious individuals and researchers, and new software is introduced to them. System components, processes, and custom applications should be periodically reviewed to ensure an evolving environment continues to represent security controls.