- Knowledge base
- PCI DSS
- General
-
Security updates
-
Product news
-
Next-Gen Vulnerability Management
-
Getting started
-
General
-
Operating status
-
Network & System Security
-
Web Application Security
-
Cloud Security
-
API Security
-
Phishing Simulation & Awareness Training
-
Attack Surface Management
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset management
-
Vulnerability manager
-
Reports
-
Digest reports
-
Organizer
-
Continuous monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & conditions
-
Dashboard
How do I create a PCI DSS report?
To create a report tailored for PCI DSS, you first need to create a template for the report:
- Log in to Security Center.
- Click Reports in the main menu.
- Click Templates.
- Click Add template > Compliance.
- Name: the name of the template, e.g., PCI DSS template.
- Click Compliance.
- Framework: In this case, the type of framework for the report is the Payment Card Industry Data Security Standard (PCI DSS).
- Click Source.
- Include hosts that: here, you include hosts with all or any specific tags you enter.
- Do not Include hosts that: here, you exclude hosts with all or any specific tags you enter.
- By default, the PCI DSS tag will always be selected.
- Timeframe: Here, you can select the timeframe on which you want your report to filter.
- Click Save.
Your new template is now done, and we will continue with creating the report:
- Click Schedules.
- Click + Add schedule > Compliance.
- Name: the report's name, e.g., Monthly PCI DSS compliance report.
- Report template: click on your newly created template.
- Under the headline Source enter the following:
- IPs/Ranges: the source for your report. It can be a specific host or IP range. You can add any number of hosts.
- Web applications: the source of your report. You can add any number of web applications.
- Include hosts that: here, you include hosts/web applications with all or any specific tags you enter.
- By default, the PCI DSS tag will always be selected.
- Do not Include hosts that: here, you exclude hosts/web applications with all or any specific tags you enter.
- Under the headline Schedule enter the following:
- Starts on: select the first start date and time. Notice that reoccurring schedules will start at the time set here.
- Timezone: select the timezone for the schedule.
- Repeat every: select the number of days, weeks, or months between the reports.
- Period & limitation: here, you can adjust the length of the scheduled report
- Under the headline Recipients enter the following:
- Click +Add Recipients to enable the encrypted PDF sendout of the report.
- Email: The Email of the recipient.
- Phone number: The phone number of the recipient.
- Under the headline Notification enter the following:
- Notifications: Check if you want a notification sent by email when the report is generated.
- Subject: enter a custom subject for the notification, or use default.
- Sender name: enter a custom sender name for the notification, or use default.
- Sender email: enter a custom sender email for the notification, or use default. If you use your email (e.g., notifications@yourbusiness.com) address, please add the following SPF record for the domain (e.g., business.com) to avoid problems receiving the emails:
http://support.holmsecurity.com/hc/en-us/articles/213446285 - Recipient: enter the recipient for the notification.
- Message: enter a custom message for the notification, or use default.
- Click Save.
- Done!