Fox-IT gets PCI-DSS accreditation for Managed Detection & Response service

Fox-IT has received an Attestation of Compliance for the PCI-DSS standards for its Managed Detection & Response service. The certificate was awarded on 15 March for the CTM Network Module, which is used to carry out the monitoring service.

The PCI-DSS accreditation makes it easier for Managed Detection & Response service customers to demonstrate compliance with PCI-DSS in the annual mandatory audit. All organizations that process credit card data have been required to comply with these standards since 2004. This applies to direct processors such as financial institutions and shops, but also to their suppliers.

The standards stipulate that it must be ensured how security is arranged and how the network and systems are monitored. In addition, it must be ensured that all data is secured at the moment that there is a data leak.

CTM Network module

The Fox-IT CTM Network Module was developed in the past two decades based on the experience of cyber security experts and monitors all traffic over the network on the so-called Indicators of Compromise (IOC). These include, for example, specific types of traffic, traffic with conspicuous destinations or traffic using remarkable technology.

If one or more of the IOCs are detected, a message is sent to the Security Operations Center (SOC). Security analysts are checking the observation there. If the suspicious activities are confirmed, immediate action will be taken. Customers are therefore informed.

According to Christian Prickaerts, Director Managed Services, the accreditation shows that “we take that extra step for our customers”. “Suppliers of credit card processing organisations must be able to demonstrate that they are PCI compliant. The PCI-DSS certification of our Managed Detection & Response service therefore saves them the necessary work during the annual audit in terms of the compulsory monitoring of their network. We are proud to be able to offer them this.”