Comments on: PCI Compliance tips for Sys Admins https://blog.bluemalkin.net/pci-compliance-tips-for-sys-admins/ A blog about DevOps technologies, tips and tricks. Wed, 02 Oct 2024 03:08:46 +0000 hourly 1 https://wordpress.org/?v=4.9.8 By: Tom Murphy https://blog.bluemalkin.net/pci-compliance-tips-for-sys-admins/#comment-139 Wed, 11 Dec 2013 23:33:25 +0000 http://blog.bluemalkin.net/?p=67#comment-139 Garreth, it’s for requirement 6.6 (option 2)

6.6 For public-facing web applications, address new threats and vulnerabilities on an ongoing basis and ensure these applications are protected against known attacks by either of the following methods:
* Installing a web-application firewall in front of public-facing web applications

]]> By: Garreth https://blog.bluemalkin.net/pci-compliance-tips-for-sys-admins/#comment-137 Wed, 11 Dec 2013 14:48:03 +0000 http://blog.bluemalkin.net/?p=67#comment-137 Which PCI requirement requires a web application firewall to be installed on web servers?

]]> By: Tom Murphy https://blog.bluemalkin.net/pci-compliance-tips-for-sys-admins/#comment-4 Tue, 01 Oct 2013 06:08:55 +0000 http://blog.bluemalkin.net/?p=67#comment-4 Yes Logstash can do the job if you don’t need the extra features of Splunk.

Fluentd (http://fluentd.org) is also another alternative worth checking out.

]]> By: Brendan Beveridge https://blog.bluemalkin.net/pci-compliance-tips-for-sys-admins/#comment-3 Thu, 26 Sep 2013 06:18:48 +0000 http://blog.bluemalkin.net/?p=67#comment-3 Nice list of starting points!

A good alternative to splunk is logstash (http://logstash.net/) which will not cost you an arm and a leg for high volume.

]]>