Clik here to view.
Blog – A Place for QSAs to Share
I’ve been a PCI QSA for many years and in the IT Security space for 15 plus years. I consider myself an expert in many areas of IT Security. However, I still come across security...
View ArticleClik here to view.
What is PCI Compliance?
What is PCI? or better yet What is PCI Compliance? PCI or more commonly PCI DSS stands for “Payment Card Industry Data Security Standard” and is a set of industry rules (There is no governmental...
View ArticleClik here to view.
American Express Adds Registration Requirement for Service Providers
American Express has recently put into place a mandatory Service Provider Registration (SPR) program. This program is very similar to the Visa and MasterCard Service Provider programs already in...
View ArticleClik here to view.
A PCI Compliance Checklist
Do you have clients that ask about a PCI Compliance Checklist? (or maybe you are looking for one). Here is basic information a small/medium merchant would need to follow to be compliant: 1st, see my...
View ArticleClik here to view.
Common ASV Vulnerability Scan Misconfigurations…Are You Guilty?
In today’s security environment, conducting accurate PCI Assessments are an important part of a companies overall security strategy. Right or not some companies count on their QSA auditor to find their...
View ArticleClik here to view.
How to Get Less Findings on Your Next Internal Penetration Test
…and Become More Secure As a penetration tester I find it TOO EASY to fully compromise an internal network – without finding a single “vulnerability”! I spend most of my time on two types of...
View ArticleClik here to view.
Reducing PCI Scope, What Makes Good Network Segmentation?
What systems are in scope for PCI Compliance? If you go by the PCI DSS Requirement document This is what they say in version 3.0 about PCI Scope. The PCI DSS security requirements apply to...
View ArticleClik here to view.
Visa Introduces Enhanced PCI DSS Enforcement Plan
Are you PCI Compliant Yet? A lot of merchants and service providers are not and you better hurry! Visa has announced that it is stepping up enforcement of PCI Compliance. With all of the high profile...
View ArticleClik here to view.
PCI Security 101
Need to get up to speed on the hot PCI Compliance topics? Interested in Chip and PIN or Mobile Payments? I thought so…The PCI SSC has produced several well made videos that quickly cover some of the...
View Article
