From the PCI DSS:
Vulnerabilities are being discovered continually by hackers and researchers, and being introduced by new software. Systems, processes, and custom software should be tested frequently to ensure security is maintained over time and with any changes in software.
System, process, and software testing is not a feature of EFT Server; however you can use the daily compliance Report as a guide to determining where you might need to adjust settings to bring them into PCI DSS compliance. You can also use the guidelines provided in Best Practices for Configuration and Validation to assist you with periodic testing.
|
PCI DSS Requirement |
How Requirement is Addressed with EFT Server |
|
11.1 - 11.5 Requirements relating to regular testing of security systems and processes. |
These requirements are external to EFT Server and are defined by your organizational policy. |