What's new in PCI DSS content update release

HCL BigFix Compliance PCI Add-on provides additional support and enhancements in the recent update.

For a detailed list of releases, see the PCI DSS Release Notes.

PCI DSS Policy Reporting

The new PCI DSS Policy reporting, which is available in BigFix Compliance Analytics V1.9, identifies the level of compliance for each system within an entire organization based on a specific PCI DSS requirement or PCI DSS milestone. It also provides a report which shows an aggregated view of compliance data across all PCI DSS checklists. To view the available policy reporting, see PCI DSS policies.
Note: BigFix Compliance PCI Add-on provides the PCI DSS Reporting site to allow you to use the Policy feature in BigFix Compliance Analytics V1.9. This site contains the metadata file required for creating the PCI DSS Requirements and Milestones based reports.
Important: You must complete a few other prerequisites before you can use the PCI DSS Policy reporting. For more information, see Setting up the PCI DSS Policy Reports for BigFix Compliance Analytics V1.9 and later.
The PCI DSS Policy reporting enables the following users to prepare and manage compliance for PCI DSS:
  • Compliance Managers can generate reports from a requirements perspective to prepare for the audit report in accordance with the guidelines provided by the PCI Security Standards Council.
  • Compliance Managers and organizations can use the milestone report views during early PCI DSS adoption to understand compliance posture and prioritize actions.
  • IT Managers can map the compliance data to specific computers and assign corresponding personnel to remediate non-compliant checks.

Additional operating system support

BigFix Compliance PCI Add-on continues to expand its support coverage. Support was recently added for the following operating systems:
Windows Server 2016
The PCI DSS Checklist for Windows 2016 is based on the guidance provided by the Payment Card Industry Data Security Standard (PCI DSS) v3.2 and contains security configuration checks that evaluate the security settings of your Windows Server 2016 endpoints according to PCI DSS.
Some of the checks allow you to use the parameterized setting to enable customization for compliance evaluation.
Some of the checks also support remediation that allows BigFix operators to efficiently remediate a non-compliance issue with a single action.
Solaris 10 and Solaris 11
The PCI DSS Checklist for Solaris 10 and PCI DSS Checklist for Solaris 11 are based on the guidance provided by the Payment Card Industry Data Security Standard (PCI DSS) v3.2 and contain security configuration checks that evaluate the security settings of your Solaris endpoints according to PCI DSS.
Some of the checks allow you to use the parameterized setting to enable customization for compliance evaluation. Note that parameterization requires the creation of a custom site.
Some of the checks also support remediation that allows BigFix operators to efficiently remediate a non-compliance issue with a single action.
CentOS 6 and CentOS 7
Checks for CentOS 6 are now supported in the PCI DSS Checklist for RHEL 6, while checks for CentOS 7 are now supported in the PCI DSS Checklist for RHEL 7. The checks are based on the existing RHEL 6 and RHEL 7 checks.
If you have not enabled the PCI DSS Checklist for RHEL 6 site or the PCI DSS Checklist for RHEL 7 site before, you can find them listed in the License Overview dashboard as PCI DSS Checklist for RHEL 6, CentOS 6 and PCI DSS Checklist for RHEL 7, CentOS 7. If the sites are already enabled, they are referred to as PCI DSS Checklist for RHEL 6 and PCI DSS Checklist for RHEL 7. Despite the name, the sites support checks for both RHEL and CentOS.
AIX 6.1
The PCI DSS Checklist for AIX 6 is based on the guidance provided by the Payment Card Industry Data Security Standard (PCI DSS) v3.2 and contains security configuration checks that evaluate the security settings of your AIX 6.1 endpoints according to PCI DSS.
Some of the AIX 6 checks allow you to use the parameterized setting to enable customization for compliance evaluation. Note that parameterization requires the creation of a custom site.
The AIX 6 checks do not provide actions that you can take to automatically remediate non-compliant settings on endpoints. However, manual remediation steps are made available in the Fixlet description.
AIX 7.2
The PCI DSS Checklist for AIX 7 is based on the guidance provided by the Payment Card Industry Data Security Standard (PCI DSS) v3.2 and contains security configuration checks that evaluate the security settings of your AIX 7.2 endpoints according to PCI DSS.
Some of the AIX 7 checks allow you to use the parameterized setting to enable customization for compliance evaluation. Note that parameterization requires the creation of a custom site.
The AIX 7 checks do not provide actions that you can take to automatically remediate non-compliant settings on endpoints. However, manual remediation steps are made available in the Fixlet description.

Remediation support for Windows 10, Windows 7, Windows 2012, Windows 2008, and AIX 7

The sites for these operating systems are updated to include more checks with remediation support, allowing BigFix operators to efficiently remediate a non-compliance issue with a single action.