EDJ’s whitelisting solution is another easy to use, yet powerful, tool for retailers who want to protect their customers and maintain a higher level of PCI compliance. The WhiteList application ensures system integrity by monitoring processes running on the 4690 controllers and comparing them to a known list of accepted processes.
EDJ’s WhiteList application consists of a single executable, which constantly monitors both java and native 4690 processes running in the foreground, background, and on the Linux layer of the 4690 controller. Any running process that does not match the process name, process path (directory), or parameters of those contained on the whitelist will be logged as an exception. Configuration options allow exceptions to be logged to a flat ASCII file, an XML file, or the 4690 event log.
When run in combination with EDJ’s StoreGazer application, WhiteList becomes a complete, centralized solution for retailers who NEED immediate notification when unauthorized processes are running in their stores.
PCI DATA SECURITY STANDARDS
The latest Payment Card Industry (PCI) Data Security Standards require retailers to satisfy several file integrity monitoring requirements. WhiteList, along with StoreGazer’s File Change Detection feature creates a powerful combination to address those concerns by checking which processes are approved to run and monitoring associated files.
WhiteList for StoreGazer 4.0
Currently, EDJ’s WhiteList solution is available in StoreGazer 2.6 or can be run as a standalone application. An interface for the program is scheduled to be included in an upcoming release of StoreGazer 4.0.