
6.4.2 For public-facing web applications, an automated technical solution is deployed that continually detects and prevents web-based attacks, with at least the following: Is installed in front of public-facing web applications and is configured to detect and prevent web-based attacks.

>Requirement Description

For public-facing web applications, an automated technical solution is deployed that continually detects and prevents web-based attacks, with at least the following:

- Is installed in front of public-facing web applications and is configured to detect and prevent web-based attacks.
- Actively running and up to date as applicable.
- Generating audit logs.
- Configured to either block web-based attacks or generate an alert that is immediately investigated.

Applicability Notes

This new requirement will replace Requirement 6.4.1 once its effective date is reached. This requirement is a best practice until 31 March 2025, after which it will be required and must be fully considered during a PCI DSS assessment.

>Cross-Framework Mappings
