Risk
7/18/2006
02:38 AM
50%
50%

Cambia Integrates PCI

Cambia Security announced that Cambia CM now includes prescriptive asset configuration policies

ALPHARETTA, Ga. -- Cambia Security, Inc. today announced that its security policy enforcement software, Cambia CM, now includes prescriptive asset configuration policies and reports specific to the Payment Card Industry Data Security Standard (PCI). With these integrated policies, Cambia CM helps companies achieve compliance faster by automating the assessment of network asset configurations with specific elements of PCI.

Because Cambia's agentless software runs continuously, organizations can constantly monitor the compliance of network assets with key PCI requirements. This capability, coupled with Cambia CM's robust PCI reporting, helps companies reduce the staff time required to prepare for a PCI audit or assessment and to maintain desired asset configurations.

"The addition of PCI-specific policies into Cambia CM is a cornerstone of our PCI Protection Program," said Mark Wood, vice president of product management and marketing at Cambia. "These policies, along with Cambia CM's ability to continuously monitor assets for changes that could cause security risk or policy deviation, give companies stronger security and a dramatic reduction in PCI audit preparation time."

Cambia Security Inc.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9710
Published: 2015-05-27
The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time windo...

CVE-2014-9715
Published: 2015-05-27
include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that trig...

CVE-2015-1157
Published: 2015-05-27
CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2)...

CVE-2015-2666
Published: 2015-05-27
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to t...

CVE-2015-2830
Published: 2015-05-27
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate...

Dark Reading Radio
Archived Dark Reading Radio
After a serious cybersecurity incident, everyone will be looking to you for answers -- but you’ll never have complete information and you’ll never have enough time. So in those heated moments, when a business is on the brink of collapse, how will you and the rest of the board room executives respond?