💼 11.4 Use intrusion-detection and/or intrusion-prevention techniques to detect and/or prevent intrusions into the network.
- ID:
/frameworks/pci-dss-v3.2.1/11/04
Description
Monitor all traffic at the perimeter of the cardholder data environment as well as at critical points in the cardholder data environment, and alert personnel to suspected compromises.
Keep all intrusion-detection and prevention engines, baselines, and signatures up to date.
Similar
- Sections
/frameworks/pci-dss-v4.0/11/05/01/01/frameworks/pci-dss-v4.0/11/05/01/frameworks/pci-dss-v4.0/11/06/01/frameworks/aws-fsbp-v1.0.0/guardduty/01
- Internal
- ID:
dec-c-d7c96f19
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [GuardDuty.1] GuardDuty should be enabled | 1 | no data | |||
| 💼 PCI DSS v4.0 → 💼 11.5.1 Intrusion-detection and/or intrusion-prevention techniques are used to detect and/or prevent intrusions into the network. | 1 | 8 | 9 | no data | |
| 💼 PCI DSS v4.0 → 💼 11.5.1.1 Intrusion-detection and/or intrusion-prevention techniques detect, alert on/prevent, and address covert malware communication channels. | 8 | 9 | no data | ||
| 💼 PCI DSS v4.0 → 💼 11.6.1 A change- and tamper-detection mechanism is deployed. | 9 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 11.5.1 Intrusion-detection and/or intrusion-prevention techniques are used to detect and/or prevent intrusions into the network. | 1 | 8 | 9 | no data | |
| 💼 PCI DSS v4.0 → 💼 11.5.1.1 Intrusion-detection and/or intrusion-prevention techniques detect, alert on/prevent, and address covert malware communication channels. | 8 | 9 | no data | ||
| 💼 PCI DSS v4.0 → 💼 11.6.1 A change- and tamper-detection mechanism is deployed. | 9 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (9)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS GuardDuty is not enabled in all regions🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS VPC Flow Logs are not enabled🟢 | 1 | 🟠 x1, 🟢 x5 | no data |
| 🛡️ Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For App Services is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Containers is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Key Vault is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Servers is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Storage is not set to On🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-9c041667 | 1 |