Good Morning,
I am required to install a vulnerability scan software for PCI compliance, we are a small business running Lion on some workstations and Mtn Lion on others. In all we have 14 workstations. Can anyone make a suggestion for good basic scan software That we can use on a monthly basis to keep our PCI compliance people happy?
Thanks
iMac, Mac OS X (10.7.5), Some computers running 10.8.3
If you are looking for software to do virus scans, there are no known viruses in the wild for Mac OS X equipment. However, if required to scan, the best software to use is ClamXAV, available for free download from the Mac App Store.
Do not use software from Norton or McAfee for this as their products have been found to do severe damage to the operating system and are extremely difficult to remove.
Also, do not use MacKeeper as it is malware itself and very destructive.
You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Security and Privacy, useful: The User Tip seeks to offer guidance on the main security threats and how to avoid them.
https://discussions.apple.com/docs/DOC-2435
More useful information can also be found here:
www.thesafemac.com/mmg
The simplest solution would be something like the Nessus Suite from Tenable Security...assuming you have someone capable of setting up the scan parameters an running them (ie, someone in your organization who understands both your LOB and security).
At the high-end, you can contract other companies to do this for you.
I can't really offer better suggestions, since I have no idea what Merchant Level you are mandated to meet, your externally facing network footprint, and so on.
Now, I do seem to recall that the guidelines from the PCI consortium require quarterly reporting of vulnerabilities scans of externally facing IP addresses. Why do your PCI Compliance "people" want monthly scans of your internal network?
Anyway, a list of PCI Approved Scanning Vendors is here:
https://www.pcisecuritystandards.org/approved_companies_providers/approved_scann ing_vendors.php (Tenable Network Security is on that list, btw. Not that I'm recommending them one way or another; just want to reassure you that my earlier example was a valid one).
Hi There
I have found www.iscanonline.com to be very good for both mac and pc scanning with an easy to use interface and thorough and very good value at about $2 per machine per month. There is a free trial as well. It also does a good job of scanning for plain text credit card info.
Cheers
Vulnerability Scan Software
