PCI Watch

Tracking changes across the Payment Card Industry
ℹ️
Reference Content: This is a copy of content from the PCI Security Standards Council FAQ database, preserved for tracking changes over time.
View Original →
FAQ #1074 Published

Is IDS required if centralized log correlation is in place?

Although log correlation can be a valuable tool in a company?s information security strategy, it is not a replacement for an intrusion detection system. The IDS wording in PCI DSS requirement 10.6 is not to imply that log parsing tools are an alternative to IDS, but rather that IDS logs should be included in the daily log reviews required by PCI DSS requirement 10.6. These daily log reviews can be done by log parsing tools. Please refer to PCI DSS requirement 11.4, which require that either network IDS, host-based IDS, or IPS be in place to monitor all network traffic. For more specific information, please contact the individual payment card brands.

View original on PCI SSC website View all versions Back to recent changes

Disclaimer: This FAQ has been processed for display on this website and may contain errors. Please check the original FAQ on the PCI SSC website for the authoritative version.