PCI DSS compliance


5.1 Anti-virus software deployment

5.1 Installed software package

This section of the PCI DSS standard describes the availability of anti-virus software. Malicious software, malware for short, is a serious threat for most operating systems.

Although Unix based systems have a history of being less susceptible for malware, some environments are still at risk. For example a Linux system handling e-mail, might be a great gateway for malware scanning. On shared web hosting platforms the threat is also higher, which is another place to deploy a scanner to increase the chance of detection any trace of malware.

Common examples for the Linux platform include ClamAV, LMD or a commercial scanner.