New capability prevents unauthorized access to cardholder data environments
Titania, specialists in continuous network security and compliance assurance solutions, today announces the launch of a solution that revolutionizes Payment Card Industry Data Security Standard (PCI DSS) compliance reporting against the new 4.0 standard. The new PCI DSS 4.0 Compliance Report is available in both Nipper, Titania's on-demand solution for configuration management, compliance, and control, and Nipper Enterprise, for delivering PCI DSS compliance assurance at network scale.
The new capability provides an automated way for commercial critical national infrastructure (CNI) organizations to embed the risk-focused evidence and implement best practices necessary to deliver greater security from PCI DSS compliance. Automating ready-mapped network device checks, with drill-down access to testing procedures, the compliance report demonstrates how routers, switches and firewalls ‘pass or fail’ to meet relevant PCI DSS 4.0 requirements, as well as providing a risk-prioritized view of any non-compliances that Nipper detects. The solution comes at a time when recent research reveals that only 37% of U.S. CNI organizations could 'very effectively' categorize and prioritize compliance risks that undermine the security of their networks.
“Historically, achieving PCI DSS compliance involved laborious manual mapping of network infrastructure device checks to specific requirements. This time-consuming and error-prone process is now a thing of the past with the new compliance report available in Nipper solutions,” said Ian Robinson, Chief Architect of Titania. “But perhaps more importantly for internal security teams, the solutions also provide the capability to accurately prioritize the remediation of non-compliances based on risk, which is fundamental to improving PCI DSS compliance posture. This is only possible because Nipper’s risk analysis of each non-compliance harnesses networking know-how to determine the ease of exploit and potential impact to security, as well as the ease of fix,” continued Robinson.
Jeff Man, NSA Certified Cryptanalyst, NSA Red Team, PCI SME, PCI QSA, INFOSEC Curmudgeon, Sr. Information Security Consultant at Online Business Systems recently evaluated the new PCI DSS 4.0 compliance reporting capability and states:
“I’ve worked in the payment card industry for 20 years, and I have rarely encountered any vendor that seems to know or care about PCI and how it relates to the products and services they sell. Titania not only shows an interest in PCI with its release of Nipper v3.0 but also demonstrates that it understands the data security requirements that Nipper impacts and/or could measure in terms of how well an entity is meeting the expectations of the requirements. I’ve used Nipper off and on for over 10 years, and this new version is the most focused on PCI yet. It’s a tool that I will recommend to all my clients.”
Titania, renowned for its proactive security and compliance assurance for network infrastructure, now offers an unprecedented solution that automates evidence-based PCI DSS compliance reporting against the new 4.0 standard. The new report is available in both the Nipper Enterprise solution which is used by security operations centers (SOCs) to continuously assure compliance, and Titania’s on-demand solution, Nipper, which is used by ISAs and QSAs globally.
PCI DSS 4.0 compliance reporting is available now. More information can be found at titania.com