How many of your merchants are just checking the boxes? Checkbox compliance is nothing new in the payments industry. In fact, Google “checkbox compliance” and you quickly see that thousands of posts have been written about it. These posts describe the exercise of racing to … Read more
Find an Experienced Penetration Tester Like most security testing services, the quality of service you get in a penetration testing engagement can vary tremendously from vendor to vendor. That’s because penetration testing is human-driven, relying upon the tester’s expertise and diligence. Evaluate Potential Providers Asking the … Read more
Understanding the need for intrusion detection. At 115-pages, PCI DSS v3.1 makes it clear there’s much to consider when evaluating the security of your payment card environment. In fact, you may be questioning how much effort to put into the task. Is it all futile … Read more
Microsoft recently announced that it is ending support for the Windows Server 2003 operating system on July 14, 2015. Windows Server 2003 is heavily relied upon in e-commerce. Therefore, if your business conducts e-commerce (i.e., has a website with a shopping cart), then it’s possible … Read more
12/21/15 Update: The PCI SSC is extending the migration completion date to 30 June 2018 for transitioning from SSL and TLS 1.0 to a secure version of TLS (currently v1.1 or higher). Learn more here. 4/15/15 Update: The PCI SSC released PCI DSS v3.1 on its … Read more
The United States Computer Emergency Readiness Team (US-CERT) has issued an advisory warning of a new POS malware that, “at the time of discovery and analysis…had low to zero percent anti-virus detection rates, which means that fully updated anti-virus engines on fully patched computers could … Read more