It is a PCI assessment not an audit. A QSA is a Qualified Security Assessor not an auditor. Semantics of the word can be important as a PCI assessment is done as of a point of time, not over a period of time. Yes, some tests look back like vulnerability scanning but most tests happen at a given point of time of the PCI assessment. An assessment is not an audit. Good video but ever time I heard the word audit, I cringed a bit. Thank you for this AWS information.
The title should be: How to achieve PCI DSS Compliance with AlienVault
It is a PCI assessment not an audit. A QSA is a Qualified Security Assessor not an auditor. Semantics of the word can be important as a PCI assessment is done as of a point of time, not over a period of time. Yes, some tests look back like vulnerability scanning but most tests happen at a given point of time of the PCI assessment. An assessment is not an audit. Good video but ever time I heard the word audit, I cringed a bit. Thank you for this AWS information.