LogoLogo
APISupportDashboard
  • Welcome
  • Platform
    • Platform Overview
    • Getting Started Guide
    • Discovery
      • Domain Discovery
      • Network Discovery
      • Discovered Assets
    • Targets
      • Scan Policies
      • Add-on Services
      • Tags & Filtering
        • Default Tags
      • Managing Targets
      • Scan Configuration
    • Issues
      • Vulnerability Management
      • Issue Settings
    • Risk
    • Technology
    • Firewalls
      • Ports
      • HTTP Servers
      • DNS Records
    • Websites
      • Certificates
      • Scripts
      • Cookies
      • Headers
      • Forms
      • Links
      • Downloads
      • Traffic Hosts
      • Meta Tags
      • Pages
    • Reports
    • Events
      • Event Rules
      • Event Types
    • PCI Compliance
    • Automations
      • Target Automations
      • Asset Automations
      • Target Issue Automations
    • Projects
      • Penetration Testing
      • Other Projects
  • Integrations
    • Discovery Integrations
      • Azure
      • Google Cloud
      • AWS
      • Cloudflare
      • Linode
      • Akamai
      • Oracle Cloud Infrastructure
      • F5
      • GoDaddy
      • Wiz
      • HTTP
    • Workflow Integrations
      • Slack
      • Google Chat
      • Jira
      • PagerDuty
      • Splunk
      • AWS
      • Vanta
      • Microsoft Teams
      • ArmorCode
      • Zapier
        • Slack (via Zapier)
        • Jira (via Zapier)
        • Service Now (via Zapier)
    • Feeds
      • Using Feeds with Google Sheets
    • API
    • Webhooks
  • Account
    • Account Overview
      • Account Security
    • Users
      • Roles & Permissions
Powered by GitBook

© 2024 Halo Security

On this page
  • Generate Report
  • Review Process
  • PCI Security Standards Council
  • Pages

Was this helpful?

  1. Platform

PCI Compliance

Manage PCI Compliance for your assets.

PreviousEvent TypesNextAutomations

Last updated 16 days ago

Was this helpful?

Navigate to your Dashboard and select the monitor and manage PCI compliance status. From here, you can easily see the status of targets that are in scope for PCI scanning and whether they are currently in compliance. If any reports have been reviewed and passed, you will be able to download them.

After the targets in PCI scope have been scanned, you may submit a report to be reviewed.

Generate Report

Click the button or the + icon in the status card to generate a new PCI report.

Generating a report begins the PCI attestation process. During this process, you will be required to answer questions to the following:

  • Out of Scope targets: A list of targets that have not been scoped for PCI compliance will be listed. Verify that none of these targets should fall within PCI scope.

  • Special Notes: Certain software that may cause a risk if it is not implemented properly will be listed here. You must attest that these items have been securely implemented.

  • Load Balancers: If load balancers are part of your your in-scope PCI infrastructure you will answer that here. If they are in use, the systems behind them need to be properly synchronized in terms of configurations.

  • Attestation: Finally, you must name the report and give your name and job title.

Clicking "I Attest" will then submit the report for review.

Review Process

All reports must be reviewed before they can be submitted to your acquiring banks or QSA. After a report has been attested to and submitted, it will go through the review process. You will then be notified whether the report has passed or been rejected.

PCI Security Standards Council

For more information about PCI compliance and standards, please visit the PCI Security Standards Council:

Pages

PCI dashboard
Generate Report
https://app.halosecurity.com/user/security/pci/
Official PCI Security Standards Council Site - Verify PCI Compliance, Download Data Security and Credit Card Security Standards
Logo