How do I create a PCI DSS report?

PCI DSS ASV or Payment Card Industry Data Security Standard Approved Scanning Vendor.

In order to create a report, you first need to create a template for the report: 

  1. Login to Security Center.
  2. Click Reports in the main menu.
  3. Click Templates.
  4. Click Add template Compliance. 
    • Name: the name of the template, e.g. PCI DSS template.
  5. Click Compliance.
    • Framework: type of framework for the report, in this case: Payment Card Industry Data Security Standard (PCI DSS).
  6. Click Source.
    • Include hosts that: here you include hosts that have all or any of the specific tags that you enter.
    • Do not Include hosts that: here you exclude hosts that have all or any of the specific tags that you enter.
    • By default, the PCI DSS tag will always be selected.
    • Timeframe: here you can select what timeframe you want you report to filter on.
  7. Click Save.

Your new template is now done, and we will continue with creating the report:

  1. Click Schedules.
  2. Click + Add schedule > Compliance.
    • Name: the name of the report, e.g Monthly PCI DSS compliance report.
    • Report template: click on your newly created template.
  3. Under the headline Source enter the following:
    • IPs/Ranges: the source for you report. Can be specific host or IP ranges. You can add any number of hosts.
    • Web applications: the source of your report. You can add any number of web applications.
    • Include hosts that: here you include hosts/webb applications that have all or any of the specific tags that you enter.
    • By default, the PCI DSS tag will always be selected.
    • Do not Include hosts that: here you exclude hosts/web applications that have all or any of the specific tags that you enter.
  4. Under the headline Schedule enter the following:
    • Starts on: select the first start date and time. Notice that reoccurring schedules will start at the time set here.
    • Timezone: select the timezone for the schedule.
    • Repeat every: select the number of days, weeks or months between the reports.
    • Period & limitation: here you can adjust the length of the scheduled report
  5. Under the headline Recipients enter the following:
    • Click +Add Recipients: If you want to enable the encrypted PDF sendout of the report.
    • Email: The Email of the recipent.
    • Phone number: The phone number of the recipient.
  6. Under the headline Notification enter the following:
    • Notifications: check if you want a notification to be sent by email when the report is generated.
    • Subject: enter a custom subject for the notification, or use default.
    • Sender name: enter a custom sender name for the notification, or use default.
    • Sender email: enter a custom sender email for the notification, or use default. If you use your own email (e.g. notifications@yourbusiness.com) address please add the following SPF record for the domain (e.g. business.com) to avoid problems receiving the emails:
      http://support.holmsecurity.com/hc/en-us/articles/213446285
    • Recipient: enter recipient for the notification.
    • Message: enter a custom message for the notification, or use default.
  7. Click Save.
  8. Done!
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.