PCI DSS · Build and maintain a secure network
Req. 2 Apply secure configurations to all system components
Apply secure configurations and remove or change vendor defaults across all system components.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- NIST CSF 2.0EquivalentOfficial mapping
Source: PCI DSS v4.0 / NIST CSF 2.0
PR.PS-01 Configuration management practices establishedSecure configuration & hardening
- CIS Controls v8EquivalentCurated4.1 Establish and maintain a secure configuration process
Secure configuration & hardening
- Cyber EssentialsEquivalentCuratedCE-2 Secure configuration
Secure configuration & hardening
- Cyber EssentialsPartialCuratedCE-1 Firewalls
Secure configuration & hardening
- Essential EightPartialCuratedE8-5 Application control
Secure configuration & hardening
- Essential EightPartialCuratedE8-6 Restrict Microsoft Office macros
Secure configuration & hardening
- Essential EightPartialCuratedE8-7 User application hardening
Secure configuration & hardening
- ISO 27001EquivalentCuratedA.8.9 Configuration management
Secure configuration & hardening
- NIST 800-171EquivalentCurated3.4.2 Establish and enforce security configuration settings
Secure configuration & hardening
- NIST 800-53EquivalentCuratedCM-6 Configuration settings
Secure configuration & hardening