|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: nessus to PCI
From: Dan Tesch (dan.tesch
comcast.net)
Date: Wed Jun 22 2005 - 17:00:22 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Even if Nessus was certified, MC/Visa have a Qualified Security Assessors
list that I believe you must choose from
as of 12/20/04 it was at
https://sdp.mastercardintl.com/vendors/vendor_list.shtml - you could use
Nessus for preliminary
scans though and I think that some of the "Qualified Assessors" may use
Nessus as I have seen things that suggest it
in logs.
Unless you can get the Nessus Open Source Vulnerability Scanner project team
to certify Nessus with the Visa & MasterCard PCI program, I would not advise
using this tool for client engagements.
Mr. Wizard.
On 6/22/05, Vic N <vic778hotmail.com> wrote:
> Can you be more specific? Is this PCI 1.0? And are you talking about
> a specific section like section 1 or other sections?
>
> >Has anyone had any luck mapping nessus results to the Payment Card
> >Industry
> >(PCI) Data Security standard?
>
>
>
--
I know because I must know...
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]