Author Topic: Which product would store suitable audit logs for PCI compliance?  (Read 3365 times)

0 Members and 1 Guest are viewing this topic.


  • Guest
We need antivirus software for PCI compliance that fulfils the following requirements, which version of Avast might be suitable? (we need this for Windows XP, Windows 7 and possibly Mac OS X Lion).

Is anti-virus software deployed on all systems commonly affected by malicious software?
5.1.1 Are all anti-virus programs capable of detecting, removing, and protecting against all known types of malicious software (for example, viruses, Trojans, worms, spyware, adware, and rootkits)?
Is all anti-virus software current, actively running, and generating audit logs, as follows:
(a) Does the anti-virus policy require updating of anti-virus software and definitions?
(b) Is the master installation of the software enabled for automatic updates and scans?
(c) Are automatic updates and periodic scans enabled?
(d) Are all anti-virus mechanisms generating audit logs, and are logs retained in accordance with PCI DSS Requirement 10.7?



  • Guest
Re: Which product would store suitable audit logs for PCI compliance?
« Reply #1 on: October 01, 2011, 05:00:48 PM »
I just downloaded Avast! Internet Security trial for Windows and installed it on Windows XP in VMWare Fusion and it looks very promising.  It has a setting to delete logs older than x days - so I've set it to 365.  Looks like this is ideal.   McAfee Total Protection seems to only have logs for 30 days and there appears to be no way to change it.

The new Avast! free Antivirus for Mac looks very promising - if it's strictly not for commercial use will there be a paid version?

We need antivirus for 3 Macs - 2 of which run windows within VMWare Fusion Would we need 5 licenses?