Skip to main content

πŸ’Ό 11.4 Use intrusion-detection and/or intrusion-prevention techniques to detect and/or prevent intrusions into the network.

  • Contextual name: πŸ’Ό 11.4 Use intrusion-detection and/or intrusion-prevention techniques to detect and/or prevent intrusions into the network.

  • ID: /frameworks/pci-dss-v3.2.1/11/04

  • Located in: πŸ’Ό 11 Regularly test security systems and processes.

Description​

Monitor all traffic at the perimeter of the cardholder data environment as well as at critical points in the cardholder data environment, and alert personnel to suspected compromises.

Keep all intrusion-detection and prevention engines, baselines, and signatures up to date.

Similar​

  • Sections
    • /frameworks/pci-dss-v4.0/11/05/01/01
    • /frameworks/pci-dss-v4.0/11/05/01
    • /frameworks/pci-dss-v4.0/11/06/01
    • /frameworks/aws-fsbp-v1.0.0/guardduty/01
  • Internal
    • ID: dec-c-d7c96f19

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [GuardDuty.1] GuardDuty should be enabled
πŸ’Ό PCI DSS v4.0 β†’ πŸ’Ό 11.5.1 Intrusion-detection and/or intrusion-prevention techniques are used to detect and/or prevent intrusions into the network.188
πŸ’Ό PCI DSS v4.0 β†’ πŸ’Ό 11.5.1.1 Intrusion-detection and/or intrusion-prevention techniques detect, alert on/prevent, and address covert malware communication channels.88
πŸ’Ό PCI DSS v4.0 β†’ πŸ’Ό 11.6.1 A change- and tamper-detection mechanism is deployed.8

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PCI DSS v4.0 β†’ πŸ’Ό 11.5.1 Intrusion-detection and/or intrusion-prevention techniques are used to detect and/or prevent intrusions into the network.188
πŸ’Ό PCI DSS v4.0 β†’ πŸ’Ό 11.5.1.1 Intrusion-detection and/or intrusion-prevention techniques detect, alert on/prevent, and address covert malware communication channels.88
πŸ’Ό PCI DSS v4.0 β†’ πŸ’Ό 11.6.1 A change- and tamper-detection mechanism is deployed.8

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (8)​

PolicyLogic CountFlags
πŸ“ AWS VPC Flow Logs are not enabled 🟒1🟠 x1, 🟒 x5
πŸ“ Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For App Services is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Containers is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Key Vault is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Servers is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On 🟒1🟒 x6
πŸ“ Azure Subscription Microsoft Defender For Storage is not set to On 🟒1🟒 x6

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-9c0416671