Topic: PCI DSS Compliance

Using ClamAV for Linux PCI DSS requirement 5: Malware

PCI DSS requirement 5 focuses on anti-virus and malware, or malicious software. Linux systems can also be compliant by using the popular ClamAV software.

PCI DSS Linux: Creation and deletion of system-level objects

The PCI DSS standard defines Creation and deletion of system-level objects. For Linux systems this might be handled with the Linux audit framework.

PCI DSS (v3) Linux: Invalid logical access attempts (10.2.4)

PCI DSS compliance control 10.2.4 mandates monitoring of invalid logical access attempts. On Linux, we can use the Linux audit framework to monitor for this event.

Logging of administrative actions with root privileges

PCI DSS requires logging of administrative actions, including commands executed by the root user or using sudo. Learn how to set up accounting and auditing.

PCI DSS Linux: No write access to shared system binaries

PCI compliance demands that no write access is allowed to shared system binaries. Let's use several tools to determine if write access is allowed.

PCI DSS (v3) for Linux: Auditing application processes (A.1.2.a)

PCI DSS compliance requires you to verify that no application processes are running as root. We audit these application processes and check the status of each.

PCI DSS (v3) Linux: Restrict log file viewing (A.1.2.d)

Linux users who want to be compliant with PCI DSS have to restrict log file viewing to only the owner. Learn how to achieve this.