Qualys and RSA tout card payment security

Security firms Qualys and RSA have formed an alliance to develop offerings based on the Payment Card Industry Data Security Standard (PCI DSS).

Any organisation accepting credit card payments must comply with the standards outlined by the PCI.

Recent data breaches, and the subsequent levying of PCI DSS fines, have reinforced the importance of outlining and meeting data security standards in accordance with these mandates.

The collaboration between RSA and Qualys allows customers to correlate network risk and vulnerability data identified by QualysGuard with information collected by RSA's compliance and security information management tools.

The offering uses Qualys' non-intrusive QualysGuard PCI on-demand scanning technology, which allows partners to evaluate the security of a merchant's network and then prioritise improvements based on the risk the vulnerabilities pose to the organisation's PCI compliance posture.

RSA's envision, meanwhile, provides a platform for collecting, correlating and analysing security and compliance information across the organisation, and supports efforts to track and monitor access to network resources and cardholder data.

The combined set-up provides a comprehensive PCI process that enables organisations to establish PCI compliance best practices, according to the firms.

"The RSA PCI Solutions portfolio is designed to enable merchants to effectively discover and manage credit card information, secure that data, as well as access to the data and related technology systems, and then respond to audits and potential security threats," said Steve Preston, senior director of solutions marketing at RSA.