eEye Digital Security » News

News

eEye to Roll out PCI Compliance Reporter

PCI Style Compliance Reports within REM Security Management Console

(ALISO VIEJO, CA) December 10. 2007 — eEye Digital Security®, a leading developer of unified client security and vulnerability management tools, today announced that it will be providing a PCI Compliance Reporter, a series of report templates designed to ensure that organizations comply with some 12 Payment Card Industry Data Security Standard (PCI DSS) requirements for protection against credit card fraud and identity theft. Since 2005, credit card fraud in the UK and America has increased by 350% on average, according to Reuters, while the FBI estimated the cost of organized cybercrime at $400 billion in 2004.

Conforming to strict PCI DSS standards, the eEye PCI compliance reports will enable users to comply with PCI requirements, beginning with the identification, assessment and mitigation of existing risks, prevention of future risks, monitoring and analyzing events, incident response and generating reports on risk status.

“Being able to enforce and report local system policy from a centralized position is key,” said Morey Haber, eEye VP of Product Management. “eEye solutions allow an organization to accurately portray its security posture and attest to its state of compliance. We can maintain a snapshot of system status, vulnerabilities, patches, and configuration detail in any size of environment, identifying compliance anomalies in a timely fashion and thereby helping organizations run secure business practices.”

The eEye PCI Compliance Reporter supports the following PCI DSS mandates:

- Install and maintain a firewall configuration to protect data;
- Prevent the practice of using vendor-supplied defaults for system passwords and other security parameters;
- Use and regularly update anti-virus software and signatures;
- Assign a unique ID to each person with computer access;
- Regularly test security systems and processes; and
- Develop and maintain secure systems and applications;

These PCI compliance reports will initially be available for use with the REM Security Management Console and the REM 1505 Appliance, both of which offer a complete view and control of an organization’s security posture; integrated vulnerability management (network and host) with centralized endpoint security management. The console manages Retina network vulnerability scans and Blink Professional endpoint security policies and incidents from a single console.

“We are looking forward to using the PCI Compliance Reporter to satisfy a growing demand among our retail and financial services customers for ways to prevent identify theft and restore public trust in making credit card purchases without fear of losing money or ruining one’s credit history,” said Dave Doebler, Director of Sales, Mission Critical Systems. “Taking a proactive approach to mitigate financial risk is imperative given the amount of phishing, keylogging, WiFi hacking, and related scams criminals use to prey on innocent consumers.”

PCI Compliance Reports by eEye will later be available in its Retina Network Security Scanner. Retina scans the network for known and unauthorized devices - such as servers, desktops, laptops, routers/switches - identifying missing patches, misconfigurations, policy exceptions, and other vulnerabilities.

The PCI DSS is the payment card industry’s effort at self regulation. It creates a unified security standard that reduces the risk of card fraud and governs the safekeeping of cardholder information throughout the transaction process. It applies to any and all merchants, service providers and acquirers that store, process or transmit cardholder data.

According to statistics posted on Visa’s Web site, 44% of 327 so-called Level 1 merchants, those identified as submitting more than 6 million Visa transactions annually, were PCI compliant as of Aug. 31, up from 40% in July. Another 54% have submitted plans but need to make changes before getting final validation. Level 1 merchants account for half of Visa’s transaction volume.

Visa also noted that nearly 2,500 Level 3 merchants, those that do business only on the Web and generate 20,000 to 1 million annual Visa transactions, have a validated PCI compliance rate of 54%. Twenty percent are in remediation and 24% have started the PCI assessment process, Visa reports.

Pricing and Availability
PCI Compliance Reports by eEye are now available for use with the REM Security Management Console and the Retina Enterprise Security Management Appliance 1505. They will be available in the Retina Network Security Scanner by December 30. The Retina Enterprise Security Management Appliance 1505 with eEye PCI Compliance Reporter starts at $20,000

About eEye Digital Security

eEye Digital Security® is pioneering a new class of security products:integrated threat management. This next-generation of security detects vulnerabilities and threats, prevents intrusions, protects all of an enterprise’s key computing resources, from endpoints to network assets to web sites and web applications, all while providing a centralized point of security management and network visibility.eEye’s research team is consistently the first to identify new threats in the wild, and our products leverage that research to deliver on the goal of making network security as easy to use and reliable as networking itself. Founded in 1998 and headquartered in Orange County, California, eEye Digital Security protects more than 9,000 corporate and government organizations worldwide, including half of the Fortune 100. For more information, please visit www.eeye.com

About eEye Digital Security

Primary Agency Contact

EMEA Agency Contact

Corporate Contact