PCI

redscan

Preparing for PCI DSS 4.0: what you need to know

The PCI DSS is a minimum set of requirements designed to help organisations protect customer cardholder data, minimise fraud, plus prevent, detect and respond to cyber-attacks. All organisations that accept and/or process credit card payments are required to undertake an annual PCI DSS audit of security controls and processes, covering areas of data security such as retention, encryption, physical security, authentication and access management. Version 3.2 of the PCI DSS was introduced in 2016.

veracode

New PCI Regulations Indicate the Need for AppSec Throughout the SDLC

The PCI Security Standards Council (SSC) is a global organization that aims to protect payment transactions and consumer data by developing standards and services for payment software vendors that drive education, awareness, and implementation. Since payment software is constantly changing, the SSC is constantly evolving and adapting its standards to ensure that vulnerabilities and cyberattacks are minimized.

Achieve PCI DSS Compliance With Seeker

More than 11.5 billion records with sensitive information were breached between January 2005 and January 2019 (PrivacyRights.org). If your business stores, processes, or transmits cardholder data, it's imperative that you implement standard security procedures and technologies to prevent the theft of this sensitive information. Start by ensuring you're in compliance with the technical and operational requirements set by the Payment Card Industry Data Security Standard (PCI DSS).
veracode

The Migration From PA-DSS to SSF: Everything You Need to Know

Technology is constantly changing and advancing. Payment platforms are no exception. As these new platforms emerge, the software supporting the platform must be reliable and secure. Without secure payment platforms, payment transactions and data could be compromised. The PCI Software Security Framework (SSF) sets standards and requirements for both traditional and modern payment software.

alienvault

PCI DSS logging requirements explained

As a consumer, I feel more confident about using my credit card online and in brick-and-mortar stores when I know retailers are being careful about PCI DSS compliance. Breached financial credentials can wreak havoc not only on the lives of consumers, but also on the well-being of merchant businesses. I think the PCI DSS is an excellent example of how security standards can be improved when organizations cooperate and collaborate.

reciprocity

PCI Audit Interview Questions

The Payment Card Industry Data Security Standards (PCI DSS) defines the framework for protecting cardholder data. The framework was developed by the Payment Card Industry Security Standards Council (PCI SSC) and enables organizations to assess how well they are protecting cardholder data, training staff, and conducting PCI DSS audits. PCI compliance and accepting credit cards go hand in hand.

tripwire

A Checklist for Preparing for Your Organization's Next PCI Audit

Organizations cannot afford to neglect their PCI compliance obligations. According to its website, PCI could punish offending organizations with a monetary penalty ranging in value from $5,000 to $100,000 per month. These fines could spell the end for a small business. Acknowledging those consequences, organizations need to make sure they’re PCI compliant. More than that, they must ensure they’re prepared for when auditors come knocking on their door.

tripwire

Foundational Controls Make the Hard Things Easier to Do

Let’s begin with a short story. Imagine that we have two large organizations in the public sector. These entities are very similar. Both are on the receiving end of cyber threats. Both adhere to multiple compliance standards. And both need to ensure that their IT systems are functioning and working as planned. But they’re not entirely the same. Take Organization A, for example.