Last updated Tuesday, February 20, 2024, 17:03:38 GMT

By: Dominick Vitolo, VP of Security Services, MegaplanIT

As a Certified Qualified Security Assessor (QSA) company and a trusted Rapid7 partner, MegaplanIT is committed to guiding organizations through the complexities of compliance and security standards.

PCI DSS version 4.0 is a significant update on the horizon and is set to take effect March 31, 2025. One of the key changes around vulnerability scanning within this update is requirement 11.3.1.2. This new requirement mandates authenticated internal vulnerability scans.

Here, we’ll shed light on why organizations should immediately transition to authenticated vulnerability scanning and how Rapid7’s InsightVM can facilitate this fundamental change.

The Shift in PCI DSS 4.0

New Requirement 11.3.1.2

Under PCI DSS 4.0, Requirement 11.3.1.2 introduces the need for authenticated internal vulnerability scans, marking a departure from the widely practiced unauthenticated scans.

Currently, many organizations rely on unauthenticated scanning which, while useful, provides only limited visibility into system vulnerabilities. In previous versions the PCI DSS never specifically called out the need for authenticated vulnerability scanning internally, which left the requirement open to interpretation.

The existing process defined in Requirement 11.3.1 remains applicable and is complemented by the new requirement mandating authenticated internal vulnerability scans.

  • Scans must be performed at least once every three months.
  • All high-risk and critical vulnerabilities – as defined by the entity's own risk rankings established in Requirement 6.3.1 – must be remediated.
  • Follow-up rescans are required to verify the resolution of these high-risk and critical vulnerabilities.
  • The scanning tool used must be regularly updated with the latest vulnerability information.
  • The scans must be carried out by qualified individuals, and there must be an organizational separation between the testers and the systems they are testing.
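As an added illustration (not code from the original article, MegaplanIT, or Rapid7), the Python below evaluates a set of constructed scan records against the first three conditions listed above: the quarterly cadence, the authenticated-scan mandate of 11.3.1.2, and remediation plus rescan verification of high and critical findings as ranked under the entity's own 6.3.1 scheme. The 90-day window, the record fields and the sample data are all assumptions.

```python
from dataclasses import dataclass, field
from datetime import date, timedelta

# Constructed record layout; not an InsightVM export format.
@dataclass
class Finding:
    vuln_id: str
    entity_rank: str          # rank under the entity's own Requirement 6.3.1 scheme
    remediated: bool
    verified_by_rescan: bool  # a follow-up scan no longer reports it

@dataclass
class ScanRecord:
    asset: str
    scan_date: date
    authenticated: bool       # the target accepted the scanner's credentials
    findings: list = field(default_factory=list)

QUARTER = timedelta(days=90)  # assumption: "every three months" read as 90 days
ACTIONABLE = {"high", "critical"}

def assess(records, today):
    """Return {asset: [gap, ...]} for assets failing the 11.3.1 / 11.3.1.2 conditions."""
    latest = {}
    for r in records:  # judge each asset by its most recent scan
        if r.asset not in latest or r.scan_date > latest[r.asset].scan_date:
            latest[r.asset] = r
    gaps = {}
    for asset, r in latest.items():
        problems = []
        if today - r.scan_date > QUARTER:
            problems.append(f"last scan {r.scan_date} older than 90 days")
        if not r.authenticated:
            problems.append("latest scan ran unauthenticated (11.3.1.2)")
        for f in r.findings:
            if f.entity_rank not in ACTIONABLE:
                continue  # lower ranks are not gated by 11.3.1
            if not f.remediated:
                problems.append(f"{f.vuln_id} ({f.entity_rank}) not remediated")
            elif not f.verified_by_rescan:
                problems.append(f"{f.vuln_id} ({f.entity_rank}) remediated but no rescan verification")
        if problems:
            gaps[asset] = problems
    return gaps

# Constructed sample data: one compliant asset and three distinct gaps.
SAMPLE = [
    ScanRecord("web-01", date(2025, 3, 10), True, [Finding("VULN-A", "high", True, True)]),
    ScanRecord("db-01", date(2024, 12, 1), True, [Finding("VULN-B", "critical", False, False)]),
    ScanRecord("app-02", date(2025, 3, 20), False, [Finding("VULN-C", "medium", False, False)]),
    ScanRecord("app-03", date(2025, 3, 25), True, [Finding("VULN-D", "high", True, False)]),
]

def run_sample():
    return assess(SAMPLE, date(2025, 4, 1))
```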

MegaplanIT Perspective: Why Adopt Authenticated Scanning Now Before the Requirement Takes Effect?

  1. Deeper security insight: Authenticated scans look more deeply into systems, uncovering vulnerabilities that unauthenticated scans may miss. This depth is essential for maintaining robust security.
  2. Proactive compliance strategy: We always advocate for early adoption of new standards. It allows for a smoother transition and avoids the rush associated with impending compliance deadlines. Authenticated vulnerability scanning typically uncovers a greater number of vulnerabilities than unauthenticated scanning. Therefore, this will necessitate a greater allocation of internal resources for planning and executing remediation strategies.
  3. Stronger risk management: Authenticated scanning enables more effective identification and remediation of vulnerabilities, thus fortifying your defense against potential breaches. Authenticated vulnerability scanning may also lead to a reduced number of false positives.
  4. Operational efficiency: Early adoption allows for the refinement of scanning processes, ensuring they become a seamless part of your security routine, and may also lead to a reduced number of false positives.

How Rapid7’s InsightVM Fits This Shift

Credential-Based Scanning

InsightVM's capability to perform scans with provided credentials aligns perfectly with the authenticated scanning requirements of PCI DSS 4.0. Scanning with credentials allows you to gather information about your network and assets that you could not otherwise access. You can inspect assets for a wider range of vulnerabilities or security policy violations.

Additionally, authenticated scans can check for installed software applications and packages as well as verify patches. When you scan a site with credentials, target assets in that site authenticate the Scan Engine as they would an authorized user.

Leveraging the Rapid7 Insight Agent

Rapid7’s universal Insight Agent gathers extensive vulnerability data, supporting the authenticated scanning process effectively.

Advantages of Implementing InsightVM

  • Comprehensive detection: InsightVM is equipped with a vast and continuously updated repository of known vulnerabilities and identifies configuration issues.
  • Targeted remediation guidance: Detailed insights facilitate prioritized and effective remediation efforts.
  • User-friendly interface: IT teams experience a simplified transition, making the process less daunting.

Transitioning to authenticated internal vulnerability scanning in order to meet the control requirements of PCI DSS 4.0 is a crucial step towards strengthening your organization’s security posture. As a certified QSA, MegaplanIT strongly recommends that organizations begin this shift now.

Tools like Rapid7’s InsightVM are pivotal in this journey, offering a comprehensive, scalable, and user-friendly solution. Embrace this change today, and your organization will be not only compliant, but also significantly more secure against ever-evolving cyber threats.