Upload File

panfinder - comforte

2
Requirements NonStop System: G06.27 or later H06.07 or later J06.04 or later PAN data discovery PANfinder™ is a sophisticated yet inexpensive software tool which scans your systems for unmasked and non-encrypted payment card data or PANs (Primary Account Numbers). Whether you're at the start of a PCI-DSS compliance project or you're already certified, PANfinder will help to research your PCI-DSS scope and to meet PCI-DSS requirements 3.2, 3.4, and 6.4.3. PANfinder™ provides a method of scanning your systems for readable/unprotected PAN data. Once found, you can take steps to secure or remove that data. When there are no unsecured PANs residing on your system, PANfinder helps you prove all your PANs are being stored in accordance with PCI-DSS. By building up a history of clean PANfinder reports, you're well placed to provide auditors with proof of historic compliance. Why Do You Need PANfinder? There are two ways of sweeping your systems looking for PANs. The first is by manually checking every file – clearly not viable. The second is with an intelligent software tool. Configuration & False Positive Reduction PANfinder™ has many flexible configuration options as to how and when it performs its searches. Specific files and folders can be included/excluded as required. Easy to import your own BIN/IIN PAN prefix database into PANfinder if required. PANfinder's CPU usage and priority can be configured to ensure minimal impact on CPU overhead during scanning. Built in intelligence ensures highly accurate results and minimizes false positives. FASTscan™ Once a predetermined number of PANs has been found in a file, PANfinder can move on to the next file, vastly increasing the speed of initial system scans. Change-detection: once an initial scan has been carried out, PANfinder can be set to only scan files which have been changed/edited since its previous scan – vastly increa- sing overall scan speeds. PANfinder can be configured to only search files which have previously been identi- fied as containing suspect PAN data – ideal for checking successful removal/encryption of PAN data. PANfinder PCI-DSS PCI-DSS requirement 3.2 states "Do not store sensitive authentication data (SAD) after authorization" PCI-DSS requirement 3.4 states “Render PAN, at minimum, unreadable anywhere it is stored” PCI-DSS requirement 6.4.3 states “Production data (live PANs) are not used for testing or development” How do you know exactly where on your system and on which systems PANs are stored? Can you prove you’re not storing unprotected PAN and SAD data? Can you prove you don’t have live PANs residing on your systems in unauthorized locations? PANfinder can help you answer "yes" to those three questions by providing auditors and QSAs with clear and concise reports.

Upload: others

Post on 19-Oct-2021

4 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: PANfinder - comforte

Requirements

NonStop System: G06.27 or later H06.07 or later

J06.04 or later

PAN data discovery

PANfinder™ is a sophisticated yet inexpensive software tool which scans your systems for unmasked and non-encrypted payment card data or PANs (Primary Account Numbers).Whether you're at the start of a PCI-DSS compliance project or you're already certified,PANfinder will help to research your PCI-DSS scope and to meet PCI-DSS requirements 3.2,3.4, and 6.4.3.

PANfinder™ provides a method of scanning your systems for readable/unprotected PANdata. Once found, you can take steps to secure or remove that data. When there are nounsecured PANs residing on your system, PANfinder helps you prove all your PANs are beingstored in accordance with PCI-DSS. By building up a history of clean PANfinder reports,you're well placed to provide auditors with proof of historic compliance.

Why Do You Need PANfinder?There are two ways of sweeping your systems looking for PANs. The first is by manuallychecking every file – clearly not viable. The second is with an intelligent software tool.

Configuration & False Positive Reduction• PANfinder™ has many flexible configuration options as to how and when it performs its searches. Specific files and folders can be included/excluded as required.• Easy to import your own BIN/IIN PAN prefix database into PANfinder if required.• PANfinder's CPU usage and priority can be configured to ensure minimal impact on CPU overhead during scanning.• Built in intelligence ensures highly accurate results and minimizes false positives.

FASTscan™• Once a predetermined number of PANs has been found in a file, PANfinder can move on to the next file, vastly increasing the speed of initial system scans.• Change-detection: once an initial scan has been carried out, PANfinder can be set to only scan files which have been changed/edited since its previous scan – vastly increa- sing overall scan speeds.• PANfinder can be configured to only search files which have previously been identi- fied as containing suspect PAN data – ideal for checking successful removal/encryption of PAN data.

PANfinder™

PCI-DSS• PCI-DSS requirement 3.2 states "Do not store sensitive authentication data (SAD) after authorization"• PCI-DSS requirement 3.4 states “Render PAN, at minimum, unreadable anywhere it is stored”• PCI-DSS requirement 6.4.3 states “Production data (live PANs) are not used for testing or development”

How do you know exactly where on your system and on which systems PANs are stored?

Can you prove you’re not storing unprotected PAN and SAD data?

Can you prove you don’t have live PANs residing on your systems in unauthorized locations?

PANfinder can help you answer "yes" to those three questions by providing auditors andQSAs with clear and concise reports.

comforte_PANfinder_11/2017.qxp_Layout 1 12.05.19 09:54 Seite 1

Page 2: PANfinder - comforte

Reports & SIEM Integration• Summary and Detailed reports are generated as CSV files, making storage and analysis easy.• As you'd expect, suspected PANs within the reports are masked in accordance with PCI-DSS.• Use the Syslog output to integrate PANfinder into SIEM (Security Information and Event Management)/enterprise audit logging solutions such as LogLogic, RSA enVision etc.

A PANfinder report provides all the detail you need

A summary scan is perfect for quickly discovering where the majority of suspected PANsare located

Agent ModePANfinder can run in agent mode where it constantly monitors the configured file set forsuspect PAN data.

PlatformsPANfinder is the only PAN data discovery tool for HP NonStop environments, including S Series, Itanium and Blades.

For distribution partners in your region visit comForte’s homepagewww.comforte.com

PANfinder™ was developed by 4tech Software® Ltd. PANfinder™ and FASTscan™ are trademarks of 4tech Software® Ltd.All other trademarks are acknowledged.*2019 comforte AG. All rights reserved. 99909_5/2019

comforte AG, Germanyphone +49 (0) 611 [email protected]

comforte, Inc., USAphone +1-303 256 [email protected]

comforte Asia Pte. Ltd., Singaporephone +65 6818 [email protected]

comforte Pty Ltd, Australiaphone +61 2 8197 [email protected]

www.comforte.com

PANfinder

comforte_PANfinder_11/2017.qxp_Layout 1 12.05.19 09:54 Seite 2


Roger Stritmatter - The biblical origin of Edward de Vere’s dedicatory poem in Cardan’s Comforte

comForte CSL: a messaging middleware framework for HP NonStop

COMFORTE SECURDPS ENTERPRISE SOLUTION FOR GDPR · In this deployment option, the Management Console, Audit Console and PNs are deployed on-premises. The applications can talk to PNs

comforte Payments Suite – Enabling digital payments ... · The comforte Payments Suite has been built from the gro und up to best address the needs of payments providers in a world

ComforteCX - Re3comre3com.nl/contents/uploads/downloads/6_1.priva-comforte-cx... · ComforteCX Veiligheidsinstructies Inverbandmetdeveiligheidgeldendevolgenderegels: BijgebruikbuitendeaangegevenspecificatiesvervaltdegarantieenaanvaardtPriva

2014 02 comForte SecurTape product

ComfortEurope Gezi Program ComfortE rope Ge i Program( Guggenheim Müzesi, Monumento del Sagrado Corazon Anıtı, Plaza Moyua görülecek yerler arasında ) 19:00 : Bilbao’dan hareket

The Boke of Comforte Agaynste All Trybulacyonsseas3.elte.hu/anachronist/2006Ecsedy.pdfThe AnaChronisT 12 (2006): 1–21 ISSN 1219–2589 Ágnes Ecsedy The Boke of Comforte Agaynste

Enterprise Tokenization with SecurDPS - comforte · 2020-01-16 · Enterprise Tokenization with SecurDPS Core Concepts & Architecture ... SB_Enterprise_Tokenization_12_1_2020.qxp_Layout

comforte Payments Suite Benchmark Report

Solution Brief comforte Data Protection

PRIVA COMFORTE CX2

FICHA-LINUS-SOFT · 2019. 12. 30. · petróleo. GARANTI'A 10 ANOS / Seat cushion combined with Biofoam Comforte foam, it does not contain toxic elements, does not have medical contra-