PCI Data Security Standard Version 4.0 (PCI DSS 4.0) becomes the official standard when Version 3.2.1 is retired on March 31, 2024. Alert Logic Managed Detection and Response customers now have access to several new reports in the Alert Logic console to help demonstrate compliance with specific requirements of PCI DSS 4.0. These reports simplify your efforts by providing navigation instructions or direct links to available documentation and compliance artifacts (such as configuration settings, security outcomes, log searches, reports, etc.) in the Alert Logic console.
There are 19 new reports listed for specific PCI DSS 4.0 requirements. The new PCI DSS 4.0 Audit reports can be found in the Alert Logic console under > Validate > Reports > Compliance > PCI DSS 4.0 Audit.
PCI DSS Audit Report Mapping
Refer to the following table to determine how the previous PCI DSS Audit reports are replaced by the new PCI DSS 4.0 Audit reports.
| Previous PCI DSS Audit Reports | New PCI DSS 4.0 Audit Reports |
|---|---|
| PCI Requirement 6.6 |
PCI 4.0 Requirement 6.4.1 PCI 4.0 Requirement 6.4.2 PCI 4.0 Requirement 6.4.3 |
| PCI Requirement 10.2.2 | PCI 4.0 Requirement 10.2.1.2 |
| PCI Requirement 10.2.4 | PCI 4.0 Requirement 10.2.1.4 |
| PCI Requirement 10.2.5 | PCI 4.0 Requirement 10.2.1.5 |
| PCI Requirement 10.2.6 | PCI 4.0 Requirement 10.2.1.6 |
| PCI Requirement 10.2.7 | PCI 4.0 Requirement 10.2.1.7 |
| PCI Requirement 10.5.1 | PCI 4.0 Requirement 10.3.1 |
| PCI Requirement 10.5.5 | PCI 4.0 Requirement 10.3.4 |
| PCI Requirement 10.6.1 |
PCI 4.0 Requirement 10.4.1 PCI 4.0 Requirement 10.4.2 |
| PCI Requirement 10.7 | PCI 4.0 Requirement 10.5.1 |
| PCI Requirement 10.8 |
PCI 4.0 Requirement 10.7.1 PCI 4.0 Requirement 10.7.2 |
| PCI Requirement 11.2.1 | PCI 4.0 Requirement 11.3.1 |
| PCI Requirement 11.2.2 | PCI 4.0 Requirement 11.3.2 |
| PCI Requirement 11.4 | PCI 4.0 Requirement 11.5.1 |
| PCI Requirement 11.5 | PCI 4.0 Requirement 11.5.2 |
PCI DSS Audit Report Schedules
The previous version of the PCI DSS Audit reports will be deprecated in the future, and you should disable and replace any report schedules that are using them. However, you should not create new report schedules for the PCI DSS 4.0 Audit reports. Instead, Alert Logic recommends that you create new recurring schedules for the reports or log search queries that they reference or link to.
Note: Report schedules will produce compliance artifacts that can be retrieved from the Downloads page in the Alert Logic console at any time for future audits.
Additional Resources
Learn more with the following Alert Logic documentation:
Comments
0 comments
Please sign in to leave a comment.