Home
User Guide
The information contained in this section applies to IBM WebSphere Commerce Version 7.0.0.9 and Feautre Pack 8. The documentation also applies to all subsequent releases and modifications until otherwise indicated in new editions.
Compliance
The following section describes how you can leverage WebSphere Commerce features and functionality to help your site be compliant with different privacy and security standards.
WebSphere Commerce and the PCI Data Security Standard
Addressing the PCI Data Security Standard within WebSphere Commerce
The following topics deal with each of the detailed requirements that pertain to WebSphere Commerce. Some of the requirements are directly related to the WebSphere Commerce software package. Other requirements are unrelated, or indirectly relate to the WebSphere Commerce software package. For example, indirect requirements can affect your use of the operating system security features to secure WebSphere Commerce files.
Requirement 11: Regularly test security systems and processes
While beyond the scope of WebSphere Commerce, it is important to regularly test security systems and processes. Refer directly to the PCI DSS for details on testing requirements.

WebSphere Commerce on premise not applicable for Commerce on Cloud offering

Requirement 11: Regularly test security systems and processes

While beyond the scope of WebSphere Commerce, it is important to regularly test security systems and processes. Refer directly to the PCI DSS for details on testing requirements.

Note: Section 11.5 of the PCI-DSS makes recommendations regarding the deployment of a file integrity monitoring system. When configuring the files to monitor, add all files under the WC_installdir and WC_profiledir. This ensures that you monitor critical configuration files such as wc-server.xml, log files, and custom key files.