Cygna Labs has been acquired by N3K. Click here to learn more about it.

Meet PCI Compliance Requirements

Request Free Trial
Already have a portal account? Click here to Log In
We don't share your data
Privacy Policy

Protect The Financial Data of Your Payment Card Holders

Industry-Defined Requirements

The Payment Card Industry Data Security Standard (PCI DSS) is a set of minimum requirements, created by the PCI Security Standard Council, that every business processing payment cards (for example, credit or debit cards) must meet in order to protect cardholder data.

Security Standards Protecting Cardholder Data

The standard's purpose is to enforce a thoroughly vetted set of security policies. These policies are designed to prevent the compromise of customer financial data held by merchants or service providers, obtained as a result of payment card transactions.

Monitor Activity on Secured Systems

Cygna Auditor monitors all successful and failed data activity such as file or folder creation, access, updates, deletions, who made the changes and when they were made.

Monitor Activity on Secured Systems
Real-Time Notification of Unusual Activity

Real-Time Notification of Unusual Activity

Cygna Auditor's built-in and custom alerting notifies you of unusual activity such as scripted permission changes or mass file updates typical of ransomware.

Monitor Relevant Group Membership

Review and keep secured system access to a minimum with Cygna Auditor's group reports that show membership of secured system users and administrators.

Monitor Relevant Group Membership
Monitor Secured System Permissions

Monitor Secured System Permissions

Keeping group membership current is only half the battle – you must ensure that permissions on secured systems stay correct. Cygna Auditor's permissions reports enable you to be sure access is correct.

Addressed PCI Compliance Requirements

Cygna Auditor addresses Requirements 7 (Restrict access to cardholder data by business need to know) and 10 (Track and monitor all access to network resources and cardholder data) of the PCI DSS standard.

7.1: Limit access to system components and cardholder data to only those individuals whose job requires such access
10.2.1: Implement automated assessment trails for all individual user accesses to cardholder data
10.2.2: Implement automated assessment trails for all actions taken by any individual with root or administrative privileges
10.2.3: Implement automated assessment trails for access to all audit trails
10.2.4: Implement automated assessment trails for invalid Logical Access attempts
10.2.5: Implement automated assessment trails for use of and changes to identification and authentication mechanisms and all changes, additions, or deletions to accounts with root or administrative privileges
10.2.6: Implement automated assessment trails for initialization of Assessment Logs
10.2.7: Implement automated assessment trails for Creation and Deletion of System Level Objects
10.3: Record at least User Identification, Type of Event, Date and Time, Success or Failure Indication, Origination of Event, and Identity or name of effected data, system component, or resource
10.6: Review logs and security events for all system components to identify anomalies or suspicious activity