Can the QualysGuard service help me maintain compliance?
Yes Properly set up, report templates can be created to ensure compliance with a variety of different types of regulator compliance, security policy compliance, or compliance with a data privacy policy. With credentialed scanning, systems can be scanned for deviation from baseline configurations as might be dictated by a compliance audit. Most of this information can be found as part of the severity 1 and severity 2 vulnerability checks. Examples: Data Privacy A template consisting of all malicious software, patches, peer-to-peer software detections, and passwords related QIDs can provide the basis for a data privacy policy and anti-malware strategy. PCI The PCI Data Security Standard details security requirements for members, merchants, and service providers that store, process or transmit cardholder data. To demonstrate compliance with the PCI Data Security Standard, merchants and service providers may be required to conduct network security scans on a quarterly basis.
