Open source innovator and SNORT creator, Sourcefire, Inc. (Nasdaq: FIRE), a leader in enterprise threat management, today announced that the Sourcefire 3D System is among the first ICSA Labs-certified network intrusion prevention systems to be issued a Payment Card Industry Data Security Standard (PCI DSS) Product Capability Assurance Report by ICSA Labs.
The PCI DSS is comprised of a dozen requirements established to maintain minimum information security standards where organizations are storing, processing or transmitting sensitive payment cardholder data, in the interest of better protecting consumer credit card information. The requirements target five key components of computer and network security: Internet firewalls, PC firewalls, antivirus products, web application firewalls and network and host intrusion detection systems/intrusion prevention systems (IDS/IPS).
Prior to issuing its PCI DSS Product Capability Assurance Report, ICSA Labs evaluates a product's key security controls, as vetted by its testing programs, and maps them against requirements for the PCI DSS. This report helps merchants using credit cards to understand which PCI requirements the Sourcefire 3DTM System helps satisfy and where the product fits into a PCI-compliant merchant environment.
"Hundreds of organizations worldwide rely on ICSA Labs to conduct objective and thorough security product testing, and Sourcefire should be commended for taking an active role in providing customers with high levels of dependability and protection," said George Japak, managing director, ICSA Labs. "The PCI DSS is critical to an organization's ability to safeguard its customers' credit card information. Today's announcement illustrates the level of commitment that Sourcefire is making to help protect its customers' business information."
For the PCI DSS Product Capability Assurance Report, the Sourcefire 3D System was evaluated against 23 controls required by the standard, including the ability to monitor all network traffic and alert personnel to suspected threats, establishing a process to identify newly discovered vulnerabilities, and the ability to encrypt all non-console administrative access.
"Credit card theft and fraud is one of the biggest security issues facing today's retailers, and Sourcefire understands that today's dynamic environments require proactive security solutions to protect their business and customers against the latest known and unknown threats," said Mike Guiterman, director of compliance product management at Sourcefire. "This ICSA Labs PCI DSS Product Capability Assurance Report demonstrates Sourcefire's commitment to protecting our customers' most critical assets, as well as the Sourcefire 3D System's ability to proactively address users' real-world security requirements."
The Sourcefire 3D System delivers the industry's first adaptive IPS capabilities, which enable customers to improve the security and performance of their IPS systems based on the actual network assets they are protecting. Sourcefire's adaptive approach provides users with increased automation, which reduces the amount of actual human intervention required and decreases the number of false positives and negatives, as well as the potential for network downtime. All of this leads to improved security with lower operational costs.