PCI DSS Vendor ComplyGuard Networks Announces Support of New Standard

Sept. 13, 2010 - PRLog -- SAN ANTONIO, TX  —  ComplyGuard Networks, a PCI Security Standards Council recognized Qualified Security Assessor and Approved Scan Vendor, announced today that as of September 1, 2010, its proprietary scanning tool ComplyShield™ v3.5 meets the new Program Guide for Approved Scan Vendors.

ComplyShield™ is a SAAS self-service solution that enables anyone to scan their Internet-facing payment network for PCI compliance on demand or at a scheduled time, all under user control.  

ComplyGuard Networks,  the fifth company approved to conduct payments security work,  has worked directly with the PCI Security Standards Council and helped drive adoption of the PCI Data Security Standard since the Council was formed.  

“We are pleased to have integrated the PCI Security Standards Council’s new ASV requirements into the release of ComplyShield™ v3.5,” said Jim Bibles, Director of Business Development for ComplyGuard. “These new requirements provide clarity to the process for ASV scanning and demonstrate the Council’s commitment to embrace the recommendations of the PCI community. ComplyGuard Networks continues to innovate and lead the industry and has taken this opportunity to introduce new features.”
   
Enhanced Asset Discovery
PCI DSS 1.2 and the new Program Guide for Approved Scan Vendors require that merchants identify all Internet-facing systems that are part of the cardholder data environment for PCI scanning. Range Probe™ enhanced automated asset discovery eliminates manual scoping efforts providing improved scope accuracy. Range Probe™ eliminates repeat scans resulting from incorrect manual scoping, saving valuable time.


Simplified Vulnerability Ranking System
Discoveries have always been automatically categorized in ComplyShield™ enabling a user to understand and organize remediation efforts. The Program Guide for Approved Scan Vendors places all discoveries in one of three ratings: high, medium or low severity ratings. This is a change from the previous five categories.

New Report Formats and Compliance Documentation
PCI DSS 1.2 and the new Program Guide for Approved Scan Vendors standardize the report format produced by ASVs. ComplyShield™ generates these reports, including pass/fail status and a prioritized list of discovered vulnerabilities. ComplyShield™ goes beyond the requirements and provides reporting over 128-bit encrypted connections in HTML, and in PDF, XML, or CSV for easy download.

With ComplyShield™ v3.5,   Level 2, 3 or 4 merchants, and Level 2 service providers, will be able to produce a much simpler single page Attestation of Compliance in order to prove completing Requirement 11.2 Quarterly External Scans. (Bank reports or other forms of “certificates” are no longer valid as proof of compliance.)

About ComplyGuard Networks
ComplyGuard Networks has more than 30 years of combined expertise in network security including vulnerability assessments, audit, penetration testing and web application security. Our intellectual property portfolio positions ComplyGuard Networks uniquely in statutory and policy compliance. We can provide any PCI or network security related services you may require.  

For more information, contact us at 210-835-2000 or email info@complyguardnetworks.com. On the Web, visit http://www.complyguardnetworks.com.

# # #

Experts in network security including vulnerability assessments, penetration testing and web application security. Approved by the PCI Security Standards Council for services as an Approved Scan Vendor (ASV) and as a Qualified Security Assessor (QSA).