Sept. 12, 2012
Software maker Splunk Inc. is going after retailers with a new version of its PCI reporting and analysis application for businesses that want to accept credit cards, but don't want the hassle of a full-blown security and information event management (SIEM) tool.
According to a press release, Splunk App for PCI Compliance 2.0 provides simple, basic reporting and data analysis sufficient to meet the rigors of PCI Data Security Standard (DSS), a standard for protecting the personal information of customers and a requirement for accepting credit cards in most situations.
Splunk App for PCI Compliance "was developed to make PCI compliance as easy as possible for businesses," said Mark Seward, senior director of security and compliance marketing at Splunk in San Francisco. "Collecting and retaining data for audits is a daunting task, particularly since most PCI solutions require significant data normalization to deal with the wide variety of operational and security data formats. The Splunk App for PCI Compliance solves this challenge with out-of-the-box content for reporting and real-time monitoring of the enterprise."
The new tool is meant to be combined with Splunk Enterprise, the company's flagship big data analytics and statistical analysis platform for machine generated data. Together, the product set provides a scalable and robust investigation and forensics platform that serves up simple audit trails and visualizations of PCI incident review workflow, asset threat prioritization and requirement scorecards for PCI compliance without intertwining them all with other SIEM reports that can often be confusing or irrelevant, the company said in the release.