Capsule8 Protect Achieves PCI DSS Certification

Capsule8’s comprehensive protection platform for Linux production systems exceeds standards for intrusion detection and prevention systems, file integrity monitoring and anti-virus requirements

BROOKLYN, New York (February 27, 2019) Capsule8, the only company providing comprehensive, high-performance attack protection for production Linux environments,  today announced that Capsule8 Protect has been certified as compliant with the Payment Card Industry Data Security Standard (PCI DSS 3.2.1), meeting requirements in such areas as intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM) and anti-virus (AV). This certification establishes Capsule8 Protect as the leading PCI-compliant cloud-native security solution capable of being deployed in production Linux  environments, including public cloud, containers, virtual machines, and data centers. This certification will allow enterprises to shift from multiple legacy controls to a single, simple solution that performs well even on the busiest workloads and networks.  

Capsule8’s Protect platform works across all Linux production environments – whether containerized, virtualized or bare metal. Capsule8 Protect prevents attacks without relying on inherently reactive indicators of compromise, and also has a powerful policy-based protection capability that solves security exception management problems that have long plagued host-based policy solutions. The Capsule8 platform performs even on busy servers and networks that previously were too mission-critical for agent-based security solutions that inevitably slow down systems.  As a result, customers using the Capsule8 platform can now leverage a single platform that outperforms the functions of traditional IDS/IPS, FIM, and AV tools, without adding risk to production infrastructure.

The PCI DSS, developed by the founding payment brands of the PCI Security Standards Council, was created to provide an actionable framework for developing a robust payment card data security process including prevention, detection and appropriate reaction to security incidents against a range of potential threats and attack profiles.

“The move to Cloud Native technologies is hard enough. Doing so while remaining PCI compliant has been a huge challenge for enterprises, and the quality of security has suffered as a result,” said John Viega, co-founder and CEO of Capsule8. “With just one product, Capsule8 now satisfies several key PCI requirements, and at the same time protects customers better, dramatically reduces false positives, and removes performance risk in a way that makes operations teams happy, all resulting in  a smoother PCI audit process for our customers.”

Following a rigorous evaluation by DirectDefense, a leading provider of PCI and security assessment services for PCI DSS, Capsule8 was found to be a compliant solution for several controls regarding IDS/IPS, FIM and AV for architectures that rely on Linux for their host operating systems, and for enterprises that manage PCI compliance in house, including several of the key “control” statements in Requirements 5, 6, 10 and 11 . This allows organizations to replace legacy IDS/IPS, FIM and AV solutions in their Linux production environment with a single solution. Among the PCI DSS requirements the Capsule8 solution helps address are the following:

  • Requirement 5: Protect all systems against malware and regularly update anti-virus software or programsCapsule8 provides comprehensive prevention and detection, not only for malicious and unwanted programs, but also zero-day attacks or those using previously unknown exploitation techniques.
  • Requirement 6: Develop and maintain secure systems and applicationsTo stay ahead of the curve, Capsule8 Labs has a continuous process to identify and evaluate new and existing CVEs (Common Vulnerabilities and Exposures), testing its product continually against new exploits to ensure effectiveness — even by quickly writing custom exploits when no public exploit is available for a customer-impacting vulnerability.
  • Requirement 11: Regularly test security systems and processesCapsule8 Protect provides cloud-native detection and prevention capabilities that leverage workload-level data to provide vastly superior protection than traditional IDS/IPS. The solution also provides a policy capability, including File Integrity Management (FIM), that helps granularly define prevention strategies to automatically stop unwanted activity in even the most complex Linux production environments.

For more information and Capsule8’s complete PCI Requirement Attestation report visit: https://capsule8.com/compliance/

About Capsule8

Founded in fall 2016 and headquartered in Brooklyn, NY, Capsule8 is the only company providing high-performance attack protection for Linux production environments — whether containerized, virtualized, or bare metal. Capsule8 frees-up SecOps teams, while being safe for even the busiest workloads, on the busiest networks. Founded by experienced hackers and seasoned security entrepreneurs, and funded by Bessemer Venture Partners and ClearSky, Capsule8 is making it possible for Linux-powered enterprises to modernize without compromise. Learn more at www.Capsule8.com.

Scroll to Top