If your PCI Scorecard states “Non-Compliant” but all categories show “OK”, you need to verify the appropriate hosts have been flagged to contain credit card data and that the PCI Compliance Full Report is scheduled to run in the Alert Logic® console.
In this scenario, your PCI Scorecard may look similar to the following image.
Note: The PCI Scorecard can be accessed on the Dashboard screen in the Alert Logic console.
Hosts can be flagged as containing credit card data, i.e. identified as a critical asset, in the Alert Logic console. For more information about flagging host or host groups as critical assets, refer to our Identify critical assets documentation.
In addition, make sure the PCI Compliance Full Report is scheduled to run twice a month to correspond with the running of PCI scans and the remediation of vulnerabilities. The PCI Scorecard pulls information from the PCI Compliance Full Report to determine the compliance status. For more information on generating and scheduling reports, refer to our Reports documentation.