PCI

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

PCI Compliance gets clarified and neutered (further)

PCI Compliance gets clarified and neutered (further)Straw man argumentI think you are missing something, namely the first part of the section that you just quoted: [i]Having all custom application code reviewed for common vulnerabilities by an organization that specializes in application security[/i]I'll be the first to acknowledge that I know...

Tags: PCI Standard, PCI, WAF, PCI compliance

Discussion threads 2008-04-17

PCI Compliance gets clarified and neutered (further)

At one point, I thought that PCI certification was a great thing.  Now I realize that it's not really about security at all... it's about money and responsibility and transferring ownership of risk. The PCI certification just got a clarification: "6.6 Ensure that all web-facing applications...

Tags: Web, XSS, PCI, Web Application, TV, Attack, PCI Compliance, Web Application Firewalls, WAF, Security, Nathan McFeters

Blog posts 2008-04-17

Security expert discusses a possible future for PCI-DSS... it's grim

Jeremiah Grossman discussed some recent comments about section 6.6 of the PCI standard made by Standards Council General Manager Bob Russo in a recent Information Security magazine article.  I found a lot of thoughts I share with Grossman.  Grossman says: I have a love-hate relationship with PCI-DSS. Love it...

Tags: Security, PCI, Web Application, Application Firewall, Security Expert, Jeremiah Grossman, Ruso, Firewalls, Networking, Nathan McFeters

Blog posts 2008-04-14

Rejoice!!! Scanless PCI is here!

Why are we still talking about the value of PCI Compliance?  Now we can all get it for free due to a great new product!  It's called Scanless PCI.  The premise is pretty simple, go to the website, grab the code, throw it on your website and poof. You're PCI certified....

Tags: PCI, Web Site Development, Storage, Hardware, Internet, Nathan McFeters

Blog posts 2008-04-01

PCI security standard endangers wireless LANs

PCI security standard endangers wireless LANsI see no problem with SSID hidingThe real problem is that the SSID probe request contains enough information to facilitate offline cracking.The SSID probe request will always be there, if it's insecure, then make it secure!Users will always use urban legend security (sometimes) in addition...

Tags: Wi-Fi, Retail, LANs, SSID, PCI, security, wireless, wireless lan, LAN, retail company, PCI security standard

Discussion threads 2008-03-11

PCI security standard endangers wireless LANs

With wireless penetration tools like KARMA and the new FreeRADIUS-WPE, users who are using urban legend security and enterprise wireless LANs are more vulnerable than ever. One of the biggest threats facing wireless LAN users is SSID probing which is forced by the reckless usage of SSID broadcast suppression....

Tags: Security, LAN, SSID, PCI, WLAN, Security Standard, PCI Security Standard, Wi-Fi, Wireless, George Ou

Blog posts 2008-03-11

Deadlines Passed, But Merchants are Still Out of Compliance

The PCI-DSS deadlines for level 1 and level 2 merchants have come and gone, but questions still linger on how to meet compliance. This webinar covers the following topics: The risk management and operational costs associated with data breaches and why PCI is important to offset those...

Tags: Ipswitch Inc., Compliance, PCI, Storage, Hardware

Webcasts 2008-02-13

What Every Retail CIO Needs to Know About PCI Compliance and Secure Seamless Mobility

Concerns about security have prevented retailers from realizing the full return on their investments in wireless technology. Fortunately, retailers are not forced into a trade-off between the efficiency of wireless technology and the enhanced security of wired networks. It is in fact possible to protect the wireless networks of retailers...

Tags: PCI, Mobility, Wi-Fi, Wireless

White papers 2008-02-01

Pragma Systems: Using SSH for PCI Compliance

The objective of this paper is to examine the federal and industry regulatory environment and to analyze the benefits of utilizing Secure Shell (SSH) in achieving PCI compliance. In addition, to review the role Pragma Systems, Inc. and its FortressSSH product can play in a robust, secure computing environment. In...

Tags: Payment, SSH, Pragma Systems, PCI, Operational Accounting, Storage, Hardware, Finance

White papers 2008-01-18

PCI Policy Compliance Using Information Security Policies Made Easy

Many organizations are building or updating written information security policies in response to the newly updated Payment Card Industry Data Security Standard (PCI-DSS). Written information security policies are fundamental to an effective information security program and required for compliance with many frameworks and regulations, including PCI, HIPAA, COBIT and many...

Tags: Information Security, Compliance, Information Shield, PCI, Security, Storage, Hardware

White papers 2007-12-10

Employing IBM Database Encryption Expert to Meet Encryption and Access Control Requirements for the Payment Card Industry Data Security Standards (PCI DSS)

In 2004, Visa USA, MasterCard International, American Express and Discover aligned their individual data protection programs to create the Payment Card Industry Data Security Standard (PCI DSS or PCI). This alignment in standards provided an industry-wide framework that complemented each brands' individual security policies - MasterCard's Site Data Protection program...

Tags: Visa Inc., Card, Database, Payment, Industry, Access Control, Encryption, Standards, IBM Corp., PCI, Security, Storage, Hardware

White papers 2007-12-01

PCI DSS Compliance: A Difficult But Necessary Journey

The need to comply with the Payment Card Industry Data Security Standard (PCI DSS) has been a rude wake up call for thousands of companies who believed their networks are secure and safe from security breaches. This standard is a set of network security requirements agreed upon by five of...

Tags: PCI, Security, Networking, Storage, Hardware

White papers 2007-11-07

Sun launches Intel Workstation on X38 platform

Following last month's launch of dual-socket and quad-socket Intel-based servers, Sun Microsystems launched its first Intel based workstations in two decades.  The Sun Ultra 24 Workstation is based on the latest Intel X38 chipset (which replaced Intel's 975 chipset). Equipped with Intel quad-core processors, up to 8...

Tags: Workstation, Sun Microsystems Inc., Intel Corp., Sun Ultra 24 Workstation, Sun Solaris, PCI, UNIX, Operating Systems, FireWire, Workstations, Servers, Software, Storage, Hardware, Consumer Electronics, Personal Technology, George Ou

Blog posts 2007-10-24

DB2 Security and PCI Compliance: A Best Practices Guide

PCI is a set of collaborative security requirements for the protection of credit card transactions and cardholder data for all brands. This paper will review DB2 solutions that are compliant to the requirements for data at rest encryption in the PCI Data Security Standard and are based on a design...

Tags: Best Practice, Encryption, IBM DB2, Protegrity, PCI, Security, Storage, Hardware

White papers 2007-10-19

System Analyser (zip)

System Analyser gives comprehensive information about your system: Bios, Network, Dos, CPU/FPU, Cache, Memory, SPD, Video, AGP, Monitor, Drives, partitions, IDE, ATAPI, SATA, CD-Rom, DVD, Blue-ray Disk, RPC2, Lpt, Rs232, Mouse, Keyboard, IEEE 1284, Modem, Fax, ISDN, Sound, ASPI/CAM, SCSI, DMI, PCI, PCI Express, PCMCIA, Plug and Play, APM, ESCD,...

Tags: PCI, Serial ATA, Y2K, BIOS, Modems, Storage, Hardware, Components

Software downloads 2007-10-11

Internet Satellite TV Player (exe)

Internet Satellite TV Player will allow you to watch more than 1300 TV channels worldwide, wherever you are, only having a PC with Internet access. You don't need to buy any PCI card, computer device, satellite dish, nor pay for a subscription or monthly fees. You will be able to...

Tags: Channel, Computer, Internet, Productivity, TVs, PCI, Tv & Home Theater, Personal Technology, Home Entertainment, Storage, Hardware

Software downloads 2007-10-08

Web application security and PCI DSS compliance: is your data secure?

In addition to being a good business practice, Web security is now mandated across all industries in the United States through the Payment Card Industry (PCI) Data Security Standard (DSS). While IT departments cannot control or drive all PCI DSS compliance initiatives, they can help meet compliance by deploying...

Tags: Hewlett-Packard Co., Compliance, Web Application, Application Security, PCI, Security, Storage, Hardware

White papers 2007-10-01

PCI Data Security Standard: The Risk Mitigation Challenges of the "12 Commandments"

Payment Card Industry's (PCI) is designed to safeguard credit card data from the time it is received until the end of its life cycle. The stakes are high for organizations that rely on heavy use of credit card processing to sell products and services, especially on the Internet. It only...

Tags: Credit Card, Stake, Accudata Systems, Payment Card Industry, Sales Channel, PCI, Financial Services, Sales, Storage, Hardware

White papers 2007-10-01

How NetIQ Helps Address the Toughest PCI Challenges

In this white paper you will learn: The language and key challenges in PCI DSS v1.1 The requirements for security best practices, including information security policy development, monitoring changes and threats, and assessing misconfigurations and vulnerabilities How NetIQ Security Management, Configuration Control and Enterprise Administration solutions...

Tags: NetIQ Corp., PCI, Security, Storage, Hardware

White papers 2007-09-24

Profiting from PCI compliance

Working together, the major payment card providers have developed a set of data security standards and created a council for enforcing them. Although the Payment Card Industry Data Security Standard (PCI DSS) has become a global requirement, many organizations are lagging in compliance. For many companies, regulatory compliance can already...

Tags: Compliance, Data Security, PCI, Storage, Hardware

White papers 2007-09-01