Among the 89 technical requirements in PCI-DSS 22 concern cryptography. Of those, 21 can be treated by Cryptosense Analyzer.
Use Cryptosense Analyzer to get an extensive cartography of the crypto used by your application and remove outdated or deprecated cryptographic objects without manual analysis.
Efficiently prepare for cryptography audits by eliminating vulnerabilities in advance. Optimise cryptography expertise resources by only treating real findings – not false positives.
Detect and correct all the cryptographic flaws in your system before the audit takes place.
Use application security testing by Cryptosense Analyzer to automate the generation of cryptographic analysis reports for your target applications.Estimates made by our customers demonstrate that using Cryptosense Analyzer to generate crypto reports in a PCI DSS certification process saves up to 75% of the time spent by their teams on applications cryptographic analysis, and reduces its cost by at least 10%. The time saved means that staff can work on tasks with a higher value added.
Many certification processes like PCI DSS involve mobilising internal resources to perform application security testing once or twice a year. These tests are time consuming for people who already have a full time job and are asked to contribute to the certification process punctually, with generally short deadlines. This makes the overall process painful and not fluid.
“With the deprecation of 3DES announced by NIST, we used Cryptosense Analyzer to identify all instances of this block cipher in our applications and change them. This allowed us to prepare for the new standard well ahead, which is what our clients expect from us.
Cryptosense Analyzer’s automated approach saved us time and gave us the guarantee we were not leaving any non-compliance behind us”.
“We were preparing for a cryptography audit with the French government cybersecurity agency (ANSSI) on one of the PKI applications we develop. Cryptosense Analyzer natively embedded the right cryptographic profile for that audit, which made it plug and play.
The test allowed us to discover much more crypto than we thought, and to identify and correct non-compliances prior to the audit.”
Learn more about how Cryptosense Analyzer can help you automate PCI DSS cryptography audits.download