10.5.5 Verify the use of file integrity monitoring or change detection software for logs by examining system settings and monitored files and results from monitoring activities
[PCI DSS 1.x] 10.5.5 Use file integrity monitoring and change detection software on logs to ensure that existing l
[READ-ONLY] Archives
[RETIRED] PCI DSS v.1.x Questions and Answers
Regularly Monitor and Test Networks
[FONT="]Hi there,
[/FONT]
[FONT="]My company is looking at deploying a good and recommended solution in order to manage the file integrity monitoring requirements of the PCI Standard (req 10.5.5 & 11.5). That being said we have been looking into the McAfee Change Control Software as a possible solution. Does anyone have any experience of this solution and whether this would be a cost effective and easily managed in a small/medium enterprise?[/FONT]
[FONT="] http://www.mcafee.com/us/enterprise/products/risk_and_compliance/change_control.html [/FONT]
[FONT="]Having said that, would anyone have any comments around other solutions that would meet these specific items?"[/FONT]