Re: nessus to PCI

From: David Rice (drice39@cox.net)
Date: Wed Jun 22 2005 - 20:58:56 EDT

• Next message: Robert Hines: "RE: Risks associated to branch office IPSec devices"
• Previous message: D K: "Re: CEH training"
• In reply to: Mr Wizard: "Re: nessus to PCI"
• Next in thread: cdewitt@indepthsec.com: "RE: nessus to PCI"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Mr Wizard wrote:

>Unless you can get the Nessus Open Source Vulnerability Scanner
>project team to certify Nessus with the Visa & MasterCard PCI program,
>I would not advise using this tool for client engagements.
>
>Mr. Wizard.
>
>On 6/22/05, Vic N <vic778@hotmail.com> wrote:
>
>
>>Can you be more specific? Is this PCI 1.0? And are you talking about a
>>specific section like section 1 or other sections?
>>
>>
>>
>>>Has anyone had any luck mapping nessus results to the Payment Card Industry
>>>(PCI) Data Security standard?
>>>
>>>
>>
>>
>>
>
>
>
>
I didn't think you could use GNU or open source code for PCI audits and
standards.

• Next message: Robert Hines: "RE: Risks associated to branch office IPSec devices"
• Previous message: D K: "Re: CEH training"
• In reply to: Mr Wizard: "Re: nessus to PCI"
• Next in thread: cdewitt@indepthsec.com: "RE: nessus to PCI"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:28 EDT