David Gianna
October 8, 2010
The move to a risk-based approach to PCI-DSS rather than a compliance-based approach would enable the transformation of PCI-DSS from a compliance standard to a security standard.
Compliance
As an information security professional, my experience within the payment card security industry has taught me that credit card fraud is not just an information security or information technology issue, but increasingly also a financial one. In order to process …
NetsPWN: Assessment Services
As an organization that performs a large volume of code reviews and penetration tests, NetSPI is frequently asked which type of application assessment is the best option. Your primary options are a code review or a web application penetration test. …
Compliance
Many brick-and-mortar merchants maintain some type of e-commerce environment. For those of you experienced in management of PCI, this has obvious implications: assessment of infrastructure, firewalls, web servers, server administration, access controls, cardholder data encryption, storage, retention and transmission, database …
Security Industry
In late March Thales released an interesting report on the state of PCI – “PCI DSS Trends 2010: QSA Insights Report.” The report was written by the Ponemon Institute and it highlights the difficulty of taking into account risk, security …
Compliance
Looking over the findings of the last few dozen PCI gap assessments that NetSPI has performed, I am struck by the fact that today, well into version 1.2 of the Payment Card Industry Data Security Standard (PCI DSS, or just …
Compliance
Because of increasing threats, high-profile data breaches, and increased awareness of the damage they cause, we anticipate a substantial tightening of regulations and contractual requirements that will significantly impact [...]
Compliance
The last few years have seen a great deal of discussion, arguing, hand-wringing, and posturing within the retail / hospitality community regarding the PCI DSS. It has also driven a lot of investment in technology--and a lot of investment by technology companies.
Copyright ©2012 NetSPI Inc. All rights reserved