LogoLogo
APISupportDashboard
  • Welcome
  • Platform
    • Platform Overview
    • Getting Started Guide
    • Discovery
      • Domain Discovery
      • Network Discovery
      • Discovered Assets
    • Targets
      • Scan Policies
      • Add-on Services
      • Tags & Filtering
        • Default Tags
      • Managing Targets
      • Scan Configuration
    • Risk
    • Firewalls
      • Ports
      • HTTP Servers
      • DNS Records
    • Websites
      • Certificates
      • Scripts
      • Cookies
      • Headers
      • Forms
      • Links
      • Downloads
      • Traffic Hosts
      • Meta Tags
      • Pages
    • Technology
    • Issues
      • Vulnerability Management
      • Issue Settings
    • Reports
    • Compliance
    • Projects
      • Penetration Testing
      • Other Projects
    • Events
      • Event Rules
      • Event Types
    • Automations
      • Target Automations
      • Asset Automations
      • Target Issue Automations
  • Integrations
    • Discovery Integrations
      • Azure
      • Google Cloud
      • AWS
      • Cloudflare
      • Oracle Cloud Infrastructure
      • F5
      • GoDaddy
      • Wiz
      • HTTP
    • Workflow Integrations
      • Slack
      • Google Chat
      • Jira
      • PagerDuty
      • Splunk
      • AWS
      • Vanta
      • Microsoft Teams
      • ArmorCode
      • Zapier
        • Slack (via Zapier)
        • Jira (via Zapier)
        • Service Now (via Zapier)
    • Feeds
      • Using Feeds with Google Sheets
    • API
    • Webhooks
  • Account
    • Account Overview
      • Account Security
    • Users
      • Roles & Permissions
Powered by GitBook

© 2024 Halo Security

On this page
  • Generate Report
  • Review Process
  • PCI Security Standards Council
  • Pages

Was this helpful?

  1. Platform

Compliance

Manage PCI Compliance for your assets.

PreviousReportsNextProjects

Last updated 3 months ago

Was this helpful?

This is where you’ll perform all activities related to PCI compliance. Here you can easily see the status of targets that are in scope for PCI scanning and whether they are currently in compliance. If any reports have been reviewed and passed, you will be able to download them.

After the targets in PCI scope have been scanned, you may submit a report to be reviewed.

Generate Report

Generating a report begins the PCI attestation process. During this process, you will be required to answer questions to the following:

  • Out of Scope targets: A list of targets that have not been scoped for PCI compliance will be listed. Verify that none of these targets should fall within PCI scope.

  • Special Notes: Certain software that may cause a risk if it is not implemented properly will be listed here. You must attest that these items have been securely implemented.

  • Load Balancers: If load balancers are part of your your in-scope PCI infrastructure you will answer that here. If they are in use, the systems behind them need to be properly synchronized in terms of configurations.

  • Attestation: Finally, you must name the report and give your name and job title.

Clicking "I Attest" will then submit the report for review.

Review Process

All reports must be reviewed before they can be submitted to your acquiring banks or QSA. After a report has been attested to and submitted, it will go through the review process. You will then be notified whether the report has passed or been rejected.

PCI Security Standards Council

For more information about PCI compliance and standards, please visit the PCI Security Standards Council:

Pages

https://app.halosecurity.com/user/security/pci/
Official PCI Security Standards Council Site - Verify PCI Compliance, Download Data Security and Credit Card Security Standards
Logo