Security PCI RSP PCIDSS4.0 PCIDSS PCI DSS v4.0

Three steps to avoiding the new "In Place with Remediation" status and using the seven P's to help -- prior proper planning prevents p*#s poor performance!

Continue Reading

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

There are two notable changes that may require a fair bit of runway to fully meet the existing requirement to monitor your critical security control systems.

Continue Reading

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

Are you a SaaS? Do you offer various shared services to merchants and other service providers with access to resources or services being logically controlled or partitioned to keep...

Continue Reading

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

Mistakes with PAN happen! Data leaks, memory dumps, or debug logs can accidentally contain sensitive information and can leak data into unexpected places in your environment. It is now a...

Continue Reading

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

There are now two options to meeting the new requirement 6.4.2 for a web application firewall:  WAF or RASP. Notice I didn’t say manual code review!

Continue Reading

Risk Assessments PCI Risk Risk Management RSP PCIDSS4.0 PCIDSS PCI Assessment

PCI DSS v4.0 introduces new expectations about what is required when it comes to assessing risk.  In contrast to the previous version of the Standard, risk awareness is a core concept that...

Continue Reading