Logs provide an important role in the security of your environment. They are a recording what happened and a method to recreate events that led to a security incident. That’s if you capture all of them, if you protect their integrity, and if you are looking for the right things. These common pitfalls affect the ability to monitor your environment and meet PCI requirements.
If you are like most information technology and information security professionals, the idea of becoming compliant with PCI DSS or countless other regulations doesn't sound fun. It's much more common to associate compliance efforts with pain. Whether it's the pain of not knowing what to do, pain of failing your first assessment, or pain of complying without any budget, there are plenty of challenges for anyone tasked with doing this well.
We faced a challenge, to write a fun, useful, and insightful book about PCI DSS. We are committed to the challenge! We’d like to invite you, our reader, to travel with us in the hopes that when you turn the last page, you would come to realize that PCI DSS compliance can indeed be fun!
We have an active community and website over at GitHub with links to all kinds of materials to help you along your journey. Check out our GitHub Repository that supports the book for links, discussions, our Discord Server, errata, and more!