valitydev/wazuh-kibana-app
14
0
Fork 0
mirror of https://github.com/valitydev/wazuh-kibana-app.git synced 2024-11-06 09:55:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Working on PCI Tab. Agents (2)

Browse Source
This commit is contained in:
Pedro Sanchez 2017-01-30 10:38:33 -08:00
parent 68be3510f1
commit 3b3df31742
8 changed files with 127 additions and 160 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
public/controllers/agentsPci.js
View File

@ -1,9 +1,30 @@
// Require config
var app = require('ui/modules').get('app/wazuh', []);
app.controller('PCIController', function ($scope, DataFactory, $mdToast, errlog, appState) {
app.controller('PCIController', function ($scope, DataFactory, $mdToast, errlog, appState, genericReq) {
$scope.defaultManagerName = appState.getDefaultManager().name;
var tabs = [];
genericReq.request('GET', '/api/wazuh-api/pci/all').then(function (data) {
angular.forEach(data, function(value, key) {
tabs.push({"title": key, "content": value});
});
});
$scope.tabs = tabs;
$scope.selectedIndex = 0;
$scope.addTab = function (title, view) {
view = view || title + " Content View";
tabs.push({ title: title, content: view, disabled: false});
};
$scope.removeTab = function (tab) {
var index = tabs.indexOf(tab);
tabs.splice(index, 1);
};
//Print Error
var printError = function (error) {
$mdToast.show({

22
public/controllers/overview.js
View File

@ -38,10 +38,30 @@ app.controller('overviewAuditController', function ($scope, DataFactory, generic
});
app.controller('overviewPCIController', function ($scope, DataFactory, genericReq, $mdToast, errlog) {
app.controller('overviewPCIController', function ($scope, $compile, DataFactory, genericReq, $mdToast, errlog) {
$scope.load = true;
$scope.$parent.state.setOverviewState('pci');
$scope.defaultManager = $scope.$parent.state.getDefaultManager().name;
var tabs = [];
genericReq.request('GET', '/api/wazuh-api/pci/all').then(function (data) {
angular.forEach(data, function(value, key) {
tabs.push({"title": key, "content": value});
});
});
$scope.tabs = tabs;
$scope.selectedIndex = 0;
$scope.addTab = function (title, view) {
view = view || title + " Content View";
tabs.push({ title: title, content: view, disabled: false});
};
$scope.removeTab = function (tab) {
var index = tabs.indexOf(tab);
tabs.splice(index, 1);
};
});

2
public/directives/kibanaSearchbarDirective.js
View File

@ -128,10 +128,12 @@ require('ui/modules').get('app/wazuh', []).controller('kibanaSearchBar', functio
});
/* Disabled
$timeout(
function() {
injectTipLeyend();
}, 3000);
*/
// Listen for destroy
$scope.$on('$destroy', visCounterWatch);

202
public/templates/agents-pci.html
View File

@ -3,153 +3,59 @@
<md-progress-linear class="md-accent" md-mode="indeterminate" ng-show="load"></md-progress-linear>
<kbn-searchbar></kbn-searchbar>
<md-content layout="row" layout-align="center stretch">
<md-card flex="20" layout="column">
<md-card-content style="text-align: center;">
<kbn-vis vis-height="70px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(field:oscap.scan.score,customLabel:'Higher score'),schema:metric,type:max)),listeners:(),params:(fontSize:19,handleNoResults:!t),title:'New%20Visualization',type:metric))" vis-filter="agent.name: {{_agent.name}}"></kbn-vis>
</md-card-content>
</md-card>
<md-card flex="20" layout="column">
<md-card-content style="text-align: center;">
<kbn-vis vis-height="70px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(field:oscap.scan.score,customLabel:'Lower score'),schema:metric,type:min)),listeners:(),params:(fontSize:19,handleNoResults:!t),title:'New%20Visualization',type:metric))" vis-filter="agent.name: {{_agent.name}}">
</kbn-vis>
</md-card-content>
</md-card>
<md-card flex="20" layout="column">
<md-card-content style="text-align: center; margin-top: 6px; ">
<kbn-vis-value style="margin-top: 6px" vis-height="37px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(field:'@timestamp'),schema:metric,type:max),(enabled:!t,id:'2',params:(field:oscap.scan.score,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))" vis-filter="agent.name: {{_agent.name}}"></kbn-vis-value>
<div class="ng-binding">Last score</div>
</md-card-content>
</md-card>
<md-card flex="40" layout="column">
<md-card-content style="text-align: center;">
<kbn-vis-value vis-height="37px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(field:'@timestamp'),schema:metric,type:max),(enabled:!t,id:'2',params:(field:oscap.scan.profile.title,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))" vis-filter="oscap.check.result: fail AND rule.groups: oscap AND agent.name: {{_agent.name}}"></kbn-vis-value>
<div class="ng-binding">Last scan profile</div>
</md-card-content>
</md-card>
</md-content>
<md-content layout="row" layout-align="center stretch">
<md-card flex="25">
<md-card-title>
<md-card-title-text>
<span class="md-headline">Scans</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis vis-height="154px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.scan.id,order:desc,orderBy:'1',size:5),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Agents',type:pie))"
vis-filter="agent.name: {{_agent.name}}">
</kbn-vis>
</md-card-content>
</md-card>
<md-card flex="25">
<md-card-title>
<md-card-title-text>
<span class="md-headline">Profiles</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis vis-height="154px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'3',params:(field:oscap.scan.profile.title,order:desc,orderBy:'1',size:5),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Profiles',type:pie))"
vis-filter="oscap.check.result: fail AND rule.groups:oscap AND NOT rule.groups: syslog AND agent.name: {{_agent.name}}">
</kbn-vis>
</md-card-content>
</md-card>
<md-card flex="25">
<md-card-title>
<md-card-title-text>
<span class="md-headline">Content</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis vis-height="154px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.scan.content,order:desc,orderBy:'1',size:5),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Content',type:pie))"
vis-filter="oscap.check.result: fail AND rule.groups:oscap AND NOT rule.groups: syslog AND agent.name: {{_agent.name}}">
</kbn-vis>
</md-card-content>
</md-card>
<md-card flex="25">
<md-card-title>
<md-card-title-text>
<span class="md-headline">Severity</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis vis-height="154px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.check.severity,order:desc,orderBy:'1',size:5),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Content',type:pie))"
vis-filter="oscap.check.result: fail AND rule.groups:oscap AND NOT rule.groups: syslog AND agent.name: {{_agent.name}}">
</kbn-vis>
</md-card-content>
</md-card>
</md-content>
<md-content layout="row" layout-align="center stretch">
<md-card flex="100">
<md-card-title>
<md-card-title-text>
<span class="md-headline">Daily scans evolution</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis vis-height="160px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'rule.groups:oscap%20AND%20agent.name:localCentos')),uiState:(vis:(legendOpen:!f)),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(customInterval:'2h',customLabel:'Daily scans',extended_bounds:(),field:'@timestamp',interval:d,min_doc_count:1),schema:segment,type:date_histogram)),listeners:(),params:(addLegend:!t,addTimeMarker:!f,addTooltip:!t,defaultYExtents:!f,legendPosition:right,mode:stacked,scale:linear,setYExtents:!f,shareYAxis:!t,times:!(),yAxis:()),title:'New%20Visualization',type:histogram))"
vis-filter="rule.groups: oscap AND oscap.check.result:fail AND agent.name: {{_agent.name}}">
</kbn-vis>
</md-card-content>
</md-card>
</md-content>
<md-content layout="row" layout-align="center stretch">
<md-card flex="50">
<md-card-title>
<md-card-title-text>
<span class="md-headline">Top 10 - Alerts</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis class="vis-expand-leyend" vis-height="300px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.check.title,order:desc,orderBy:'1',size:10),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!f,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Top%2020%20failed%20checks',type:pie))"
vis-filter="oscap.check.result: fail AND rule.groups:oscap AND rule.groups: oscap-result AND oscap.check.result:fail AND agent.name: {{_agent.name}}">
</kbn-vis>
</md-card-content>
</md-card>
<md-card flex="50">
<md-card-title>
<md-card-title-text>
<span class="md-headline">Top 10 - High risk alerts</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis class="vis-expand-leyend" vis-height="300px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.check.title,order:desc,orderBy:'1',size:10),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!f,legendPosition:right,shareYAxis:!t),title:'OSCAP%20Top%2020%20failed%20checks',type:pie))"
vis-filter="oscap.check.severity: high AND oscap.check.result: fail AND rule.groups:oscap AND rule.groups: oscap-result AND oscap.check.result:fail AND agent.name: {{_agent.name}}">
</kbn-vis>
</md-card-content>
</md-card>
</md-content>
<md-content layout="row" layout-align="center stretch" >
<md-card flex="100" layout="column">
<md-card-content style="text-align: center;">
<kbn-vis-value vis-height="44px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:oscap.check.title,order:desc,orderBy:'1',size:1),schema:bucket,type:terms)),listeners:(),params:(perPage:1,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))" vis-filter="oscap.check.result: fail AND rule.groups:oscap AND agent.name: {{_agent.name}}">
</kbn-vis-value>
<div class="ng-binding">Top alert</div>
</md-card-content>
</md-card>
</md-content>
<md-content layout-align="center stretch">
<md-card flex>
<md-card-title>
<md-card-title-text>
<span class="md-headline">Last alerts</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis vis-height="450px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(customLabel:'Agent name',field:agent.name,order:desc,orderBy:'1',size:99999),schema:bucket,type:terms),(enabled:!t,id:'3',params:(customLabel:Title,field:oscap.check.title,order:desc,orderBy:'1',size:999999999),schema:bucket,type:terms),(enabled:!t,id:'4',params:(customLabel:Profile,field:oscap.scan.profile.title,order:desc,orderBy:'1',size:999999999),schema:bucket,type:terms),(enabled:!t,id:'5',params:(customLabel:'Scan ID',field:oscap.scan.id,order:desc,orderBy:'1',size:999999999),schema:bucket,type:terms),(enabled:!t,id:'6',params:(customLabel:Content,field:oscap.scan.content,order:desc,orderBy:'1',size:5),schema:bucket,type:terms)),listeners:(),params:(perPage:10,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'New%20Visualization',type:table))"
vis-filter='oscap.check.result: fail AND rule.groups: oscap AND agent.name: {{_agent.name}}'>
</kbn-vis>
</md-card-content>
</md-card>
</md-content>
<md-card flex>
<md-tabs md-selected="selectedIndex" md-border-bottom md-dynamic-height id="pciReq_tab">
<md-tab ng-repeat="tab in tabs" ng-disabled="tab.disabled" label="{{tab.title}}">
<md-content style="background-color: white;" class="md-padding">
<h1 class="md-display-2" style="line-height: 40px; margin: 0;">PCI DSS Requirement: {{tab.title}}</h1>
<div ng-bind-html="tab.content"></div>
</md-content>
</md-tab>
</md-tabs>
</md-card>
</md-content>
<md-content layout="row" layout-align="center stretch">
<md-card flex="70">
<md-card-title>
<md-card-title-text>
<span class="md-headline">Requirements</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis vis-height="188px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'3',params:(field:rule.pci_dss,order:desc,orderBy:'1',size:10),schema:group,type:terms)),listeners:(),params:(addLegend:!t,addTimeMarker:!f,addTooltip:!t,defaultYExtents:!f,legendPosition:bottom,mode:grouped,orderBucketsBySum:!f,scale:linear,setYExtents:!f,shareYAxis:!t,times:!(),yAxis:()),title:'New%20Visualization',type:histogram))"
vis-filter="_exists_:rule.pci_dss AND agent.name: {{_agent.name}}"">
</kbn-vis>
</md-card-content>
</md-card>
<md-card flex="30">
<md-card-title>
<md-card-title-text>
<span class="md-headline">Groups</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis vis-height="188px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'3',params:(field:rule.groups,order:desc,orderBy:'1',size:5),schema:segment,type:terms)),listeners:(),params:(addLegend:!t,addTooltip:!t,isDonut:!t,legendPosition:right,shareYAxis:!t),title:'Groups',type:pie))"
vis-filter="_exists_:rule.pci_dss AND agent.name: {{_agent.name}}"">
</kbn-vis>
</md-card-content>
</md-card>
</md-content>
<md-content layout-align="center stretch">
<md-card flex>
<md-card-title>
<md-card-title-text>
<span class="md-headline">Last alerts</span>
</md-card-title-text>
</md-card-title>
<md-card-content>
<kbn-vis vis-height="450px" vis-index-pattern="wazuh-alerts-*" vis-a="(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:3,direction:desc)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'4',params:(customLabel:'Agent name',field:agent.name,order:desc,orderBy:'1',size:99999999),schema:bucket,type:terms),(enabled:!t,id:'5',params:(customLabel:Requirement,field:rule.pci_dss,order:desc,orderBy:'1',size:99999999),schema:bucket,type:terms),(enabled:!t,id:'6',params:(customLabel:'Rule description',field:rule.description,order:desc,orderBy:'1',size:99999999),schema:bucket,type:terms)),listeners:(),params:(perPage:10,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'Requirements%20by%20agent',type:table))"
vis-filter="_exists_:rule.pci_dss AND agent.name: {{_agent.name}}"">
</kbn-vis>
</md-card-content>
</md-card>
</md-content>
</div>
</md-content>

14
public/templates/overview-pci.html
View File

@ -2,7 +2,19 @@
<kbn-searchbar></kbn-searchbar>
<md-content layout="row" layout-align="center stretch">
<md-card flex>
<md-tabs md-selected="selectedIndex" md-border-bottom md-dynamic-height id="pciReq_tab">
<md-tab ng-repeat="tab in tabs" ng-disabled="tab.disabled" label="{{tab.title}}">
<md-content style="background-color: white;" class="md-padding">
<h1 class="md-display-2" style="line-height: 40px; margin: 0;">PCI DSS Requirement: {{tab.title}}</h1>
<div ng-bind-html="tab.content"></div>
</md-content>
</md-tab>
</md-tabs>
</md-card>
</md-content>
<md-content layout="row" layout-align="center stretch">
<md-card flex="70">
<md-card-title>

2
public/templates/overview.head
View File

@ -20,7 +20,7 @@
<md-content layout="row" layout-align="space-between start" class="horizontalTabsBar">
<md-content class="horizontalTabsBar" layout="column" layout-align="center start" ng-init="tabView = 'panels'; submenuNavItem = 'pci'">
<md-content class="horizontalTabsBar" layout="column" layout-align="center start" ng-init="tabView = 'panels'; submenuNavItem = 'general'">
<md-nav-bar style="padding-right: 0px;" md-selected-nav-item="submenuNavItem" nav-bar-aria-label="navigation submenu">
<md-nav-item md-nav-click="submenuNavItem = 'general'" name="general">General</md-nav-item>
<md-nav-item md-nav-click="submenuNavItem = 'fim'" name="fim">File integrity</md-nav-item>

6
server/routes/wazuh-api.js
View File

@ -114,6 +114,12 @@ module.exports = function (server, options) {
server.log([blueWazuh, 'initialize', 'error'], 'Exception: ' + e);
};
var pci_description = "";
if(req.params.requirement == "all"){
reply(pciRequirements);
return;
}
if(pciRequirements[req.params.requirement])
pci_description = pciRequirements[req.params.requirement];
reply({pci: {requirement: req.params.requirement, description: pci_description}});

14
server/scripts/integration_files/pci_requirements.json
View File

@ -1,4 +1,10 @@
{
"2.2" : "Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry accepted system hardening standards (CIS, ISO, SANS, NIST).",
"2.2.2" : "Enable only necessary services, protocols, daemons, etc., as required for the function of the system. ",
"2.2.4" : "Configure system security parameters to prevent misuse.",
"4.1" : "Use strong cryptography and security protocols (for example, SSL/TLS, IPSEC, SSH, etc.) to safeguard sensitive cardholder data during transmission over open, public networks, including the following:<br><ul><li>Only trusted keys and certificates are accepted.</li><li>The protocol in use only supports secure versions or configurations.</li><li>The encryption strength is appropriate for the encryption methodology in use</li></ul>",
"6.5" : "Address common coding vulnerabilities in software development processes as follows:<br><ul><li>Train developers in secure coding techniques, including how to avoid common coding vulnerabilities, and understanding how sensitive data is handled in memory.</li><li>Develop applications based on secure coding guidelines</li></ul>",
"8.5.1" : "Additional requirement for service providers: Service providers with remote access to customer premises (for example, for support of POS systems or servers) must use a unique authentication credential (such as a password/phrase) for each customer.",
"10.2.2" : "All actions taken by any individual with root or administrative privileges.",
"10.2.4" : "Invalid logical access attempts",
"10.2.5" : "Use of and changes to identification and authentication mechanisms including but not limited to creation of new accounts and elevation of privileges and all changes, additions, or deletions to accounts with root or administrative privileges.",
@ -9,11 +15,5 @@
"10.6" : "Review logs and security events for all system components to identify anomalies or suspicious activity",
"10.6.1" : "Review the following at least daily: <br><ul><li>All security events</li><li>Logs of all system components that store, process, or transmit CHD and/or SAD, or that could</li>impact the security of CHD and/or SAD</li><li>Logs of all critical system components</li><li>Logs of all servers and system components that perform security functions (for example, firewalls, intrusion detection systems/intrusion prevention systems (IDS/IPS), authentication servers, ecommerce redirection servers, etc.)</li></ul>",
"11.4" : "Use intrusion detection and/or intrusion prevention techniques to detect and/or prevent intrusions into the network.<br>Monitor all traffic at the perimeter of the cardholder data environment as well as at critical points in the cardholder data environment, and alert personnel to suspected compromises. Keep all intrusion detection and prevention engines, baselines, and signatures up to date.",
"11.5" : "Deploy a change detection mechanism (for example, file integrity monitoring tools) to alert personnel to unauthorized modification of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons at least weekly.",
"2.2" : "Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry accepted system hardening standards (CIS, ISO, SANS, NIST).",
"2.2.2" : "Enable only necessary services, protocols, daemons, etc., as required for the function of the system. ",
"2.2.4" : "Configure system security parameters to prevent misuse.",
"4.1" : "Use strong cryptography and security protocols (for example, SSL/TLS, IPSEC, SSH, etc.) to safeguard sensitive cardholder data during transmission over open, public networks, including the following:<br><ul><li>Only trusted keys and certificates are accepted.</li><li>The protocol in use only supports secure versions or configurations.</li><li>The encryption strength is appropriate for the encryption methodology in use</li></ul>",
"6.5" : "Address common coding vulnerabilities in software development processes as follows:<br><ul><li>Train developers in secure coding techniques, including how to avoid common coding vulnerabilities, and understanding how sensitive data is handled in memory.</li><li>Develop applications based on secure coding guidelines</li></ul>",
"8.5.1" : "Additional requirement for service providers: Service providers with remote access to customer premises (for example, for support of POS systems or servers) must use a unique authentication credential (such as a password/phrase) for each customer."
"11.5" : "Deploy a change detection mechanism (for example, file integrity monitoring tools) to alert personnel to unauthorized modification of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons at least weekly."
}