Compliance Frameworks

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards that must be met by all companies handling cardholder data. It is composed of both specific technical requirements and high-level requirements for policies, procedures, software development, and the IT architecture. Fulfilling the requirements can be challenging, and the process becomes more complicated when there are a large number of systems. The scope can be blurry where a large set of systems is interconnected via network, shared storage or a Windows domain. Nanitor supports companies with PCI DSS requirements in multiple ways, saving time and making the work more systematic and enjoyable.

ISO 27001

In the ISO 27001 standard, organizations are given specifications to implement an information security management system (ISMS). Annex A of the standard lists the requirements to help treat risk of any kind. These requirements (called controls) can be categorized into organizational, people, physical, and technological. Nanitor helps you address the technical requirements by identifying the risks and providing guidance on how you can remediate them. The additional features included in Nanitor allow you to systematically address these issues by automating the identification process and providing risk information that can inform your decision making when you’re managing the risk to your environment.