Reports : PCI Compliance Reports

PCI Compliance Reports

Metasploit Pro provides the ability to generate PCI reports for your penetration test. The findings should be used as an appendix for PCI standards testing and not as an actual audit.
Visit PCI for the latest requirements document.
Metasploit Pro tests for and reports on the following PCI standards:
·
2.2.1 – Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server.
·
·
6.1 – Ensure that all system components and software have the latest vendor-supplied security patches installed. Deploy critical patches within a month of release.
·
·
8.4 – Render all passwords unreadable for all system components both in storage and during transmission using strong cryptography based on approved standards.
·
·
·
·