December 10, 2007 08:00 ET

eEye to Roll Out PCI Compliance Reporter

PCI Style Compliance Reports Within REM Security Management Console

ALISO VIEJO, CA--(Marketwire - December 10, 2007) - eEye Digital Security®, a leading developer of unified client security and vulnerability management tools, today announced that it will be providing a PCI Compliance Reporter, a series of report templates designed to ensure that organizations comply with some 12 Payment Card Industry Data Security Standard (PCI DSS) requirements for protection against credit card fraud and identity theft. Since 2005, credit card fraud in the UK and America has increased by 350% on average, according to Reuters, while the FBI estimated the cost of organized cybercrime at $400 billion in 2004.

Conforming to strict PCI DSS standards, the eEye PCI compliance reports will enable users to comply with PCI requirements, beginning with the identification, assessment and mitigation of existing risks, prevention of future risks, monitoring and analyzing events, incident response and generating reports on risk status.

"Being able to enforce and report local system policy from a centralized position is key," said Morey Haber, eEye VP of Product Management. "eEye solutions allow an organization to accurately portray its security posture and attest to its state of compliance. We can maintain a snapshot of system status, vulnerabilities, patches, and configuration detail in any size of environment, identifying compliance anomalies in a timely fashion and thereby helping organizations run secure business practices."

The eEye PCI Compliance Reporter supports the following PCI DSS mandates:

--  Install and maintain a firewall configuration to protect data;
--  Prevent the practice of using vendor-supplied defaults for system
    passwords and other security parameters;
--  Use and regularly update anti-virus software and signatures;
--  Assign a unique ID to each person with computer access;
--  Regularly test security systems and processes; and
--  Develop and maintain secure systems and applications;

These PCI compliance reports will initially be available for use with the REM Security Management Console and the REM 1505 Appliance, both of which offer a complete view and control of an organization's security posture; integrated vulnerability management (network and host) with centralized endpoint security management. The console manages Retina network vulnerability scans and Blink Professional endpoint security policies and incidents from a single console.

"We are looking forward to using the PCI Compliance Reporter to satisfy a growing demand among our retail and financial services customers for ways to prevent identify theft and restore public trust in making credit card purchases without fear of losing money or ruining one's credit history," said Dave Doebler, Director of Sales, Mission Critical Systems. "Taking a proactive approach to mitigate financial risk is imperative given the amount of phishing, keylogging, WiFi hacking, and related scams criminals use to prey on innocent consumers."

PCI Compliance Reports by eEye will later be available in its Retina Network Security Scanner. Retina scans the network for known and unauthorized devices -- such as servers, desktops, laptops, routers/switches -- identifying missing patches, misconfigurations, policy exceptions, and other vulnerabilities.

The PCI DSS is the payment card industry's effort at self regulation. It creates a unified security standard that reduces the risk of card fraud and governs the safekeeping of cardholder information throughout the transaction process. It applies to any and all merchants, service providers and acquirers that store, process or transmit cardholder data.

According to statistics posted on Visa's Web site, 44% of 327 so-called Level 1 merchants, those identified as submitting more than 6 million Visa transactions annually, were PCI compliant as of Aug. 31, up from 40% in July. Another 54% have submitted plans but need to make changes before getting final validation. Level 1 merchants account for half of Visa's transaction volume.

Visa also noted that nearly 2,500 Level 3 merchants, those that do business only on the Web and generate 20,000 to 1 million annual Visa transactions, have a validated PCI compliance rate of 54%. Twenty percent are in remediation and 24% have started the PCI assessment process, Visa reports.

Pricing and Availability

PCI Compliance Reports by eEye are now available for use with the REM Security Management Console and the Retina Enterprise Security Management Appliance 1505. They will be available in the Retina Network Security Scanner by December 30. The Retina Enterprise Security Management Appliance 1505 with eEye PCI Compliance Reporter starts at $20,000.

About eEye Digital Security

eEye Digital Security is the innovative leader in vulnerability and security research, providing security solutions that help businesses and users protect their systems and intellectual property from compromise. eEye enables secure computing through world-renowned research and innovative technology, supplying some of the world's largest businesses with an integrated and research-driven vulnerability assessment, intrusion prevention, and client security solution. eEye protects the networks and digital assets of a growing network of more than 9,000 corporate and government deployments worldwide. Founded in 1998, eEye Digital Security is headquartered in Orange County, California. For more information, please visit

All trademarks contained within this press release are the sole property of their respective owners and are hereby acknowledged.

Contact Information

  • Press Contact
    Victor Cruz
    email: Email Contact

    Corporate, North America:
    Stacy Newman
    email: Email Contact