ZDNet Resources
- PCI-DSS 1.1 points to outdated OWASP Top 10
- OK, I'm not going to freak out about this too bad... I've already pointed out enough problems with PCI, but I did find it morbidly entertaining. My good friend Jeremiah Grossman pictured at right blogged today about the PCI-DSS 1.1 section 6.5, which covers "prevention of common coding vulnerabilities in...
- Tags: XSS, PCI, Security, Storage, Hardware, Nathan McFeters
- Blog posts 2008-07-02
- McAfee S.P.A.M. experiment and more ridiculous HackerSafe failures
- Stay with me here, readers: I'm stringing two stories about McAfee together here, a little out of the ordinary, so I hope it makes sense. If you aren't interested in the tech details, of which there are very few, please do read for a good laugh. Network World reported...
- Tags: McAfee Inc., Organize-It, PCI, Phishing, Cyberthreats, Marketing Research, Storage, Hardware, Security, Spam And Phishing, Marketing, Nathan McFeters
- Blog posts 2008-07-01
- Sentinel (exe)
- Advanced file integrity checker that integrates seamlessly with your anti-virus/trojan applications. Sentinel audits your system folder (as well as up to 20 other folders) for the slightest file changes and/or additions. If any files fail the integrity check, your anti-virus/trojan program will be notified. Sentinel has been critically acclaimed worldwide for...
- Tags: RuntimeWare, Sentinel, Sarbanes-Oxley, Regulatory Compliance, PCI, Asset Management, Regulations, Government, Financial Accounting, Finance, Human Resources, Policies And Procedures, Storage, Hardware, Operational Planning, Business Operations
- Software downloads 2008-06-18
- Extending PCI Compliance to the Mobile Workforce
- The Payment Card Industry (PCI) Security Standards Council developed an explicit Data Security Standard (DSS) which outlines the minimum controls necessary to protect the system components that support cardholder data environments. The Council added teeth to the security standard by enforcing it through regular audits and assessments conducted by authorized...
- Tags: Point-of-sale, Payment, Mobile, PCI, Fiberlink Communications, Operational Accounting, Security, Finance
- White papers 2008-05-07
- PCI Compliance gets clarified and neutered (further)
- PCI Compliance gets clarified and neutered further. Straw man argument. I think you are missing something, namely the first part of the section that you just quoted: "Having all custom application code reviewed for common vulnerabilities by an organization that specializes in application security". I'll be the first to acknowledge that I know...
- Tags: PCI Standard, PCI, WAF, PCI compliance
- Discussion threads 2008-04-17
- PCI Compliance gets clarified and neutered (further)
- At one point, I thought that PCI certification was a great thing. Now I realize that it's not really about security at all... it's about money and responsibility and transferring ownership of risk. The PCI certification just got a clarification: "6.6 Ensure that all web-facing applications...
- Tags: Web, XSS, PCI, Web Application, TV, Attack, PCI Compliance, Web Application Firewalls, WAF, Security, Nathan McFeters
- Blog posts 2008-04-17
- Security expert discusses a possible future for PCI-DSS... it's grim
- Jeremiah Grossman discussed some recent comments about section 6.6 of the PCI standard made by Standards Council General Manager Bob Russo in a recent Information Security magazine article. I found a lot of thoughts I share with Grossman. Grossman says: I have a love-hate relationship with PCI-DSS. Love it...
- Tags: Security, PCI, Web Application, Application Firewall, Security Expert, Jeremiah Grossman, Ruso, Firewalls, Networking, Nathan McFeters
- Blog posts 2008-04-14
- IT Manager Webcast: Microsoft IT Compliance: Policy, HBI, SOX, and PCI (Level 200)
- Disclosure of High Business Impact (HBI) information might cause severe material loss to Microsoft, the information asset owner, or relying parties. The attendee of this webcast will learn how Microsoft developed HBI policy that complies with SOX and the Payment Card Industry (PCI) standards. The attendee will also learn how...
- Tags: Webcast, Sarbanes-Oxley Act, Compliance, PCI, Microsoft Corp., Sarbanes-Oxley, Regulatory Compliance, Asset Management, Quality, Regulations, Operational Accounting, Government, Financial Accounting, Finance, Human Resources, Policies And Procedures, Operational Planning, Business Operations
- Webcasts 2008-04-03
- Rejoice!!! Scanless PCI is here!
- Why are we still talking about the value of PCI Compliance? Now we can all get it for free due to a great new product! It's called Scanless PCI. The premise is pretty simple, go to the website, grab the code, throw it on your website and poof. You're PCI certified....
- Tags: PCI, Web Site Development, Storage, Hardware, Internet, Nathan McFeters
- Blog posts 2008-04-01
- PCI security standard endangers wireless LANs
- PCI security standard endangers wireless LANs. I see no problem with SSID hiding. The real problem is that the SSID probe request contains enough information to facilitate offline cracking. The SSID probe request will always be there, if it's insecure, then make it secure! Users will always use urban legend security sometimes in addition...
- Tags: Wi-Fi, Retail, LANs, SSID, PCI, security, wireless, wireless lan, LAN, retail company, PCI security standard
- Discussion threads 2008-03-11
- PCI security standard endangers wireless LANs
- With wireless penetration tools like KARMA and the new FreeRADIUS-WPE, users who are using urban legend security and enterprise wireless LANs are more vulnerable than ever. One of the biggest threats facing wireless LAN users is SSID probing which is forced by the reckless usage of SSID broadcast suppression....
- Tags: Security, LAN, SSID, PCI, WLAN, Security Standard, PCI Security Standard, Wi-Fi, Wireless, George Ou
- Blog posts 2008-03-11
- Deadlines Passed, But Merchants are Still Out of Compliance
- The PCI-DSS deadlines for level 1 and level 2 merchants have come and gone, but questions still linger on how to meet compliance. This webinar covers the following topics: The risk management and operational costs associated with data breaches and why PCI is important to offset those...
- Tags: Ipswitch Inc., Compliance, PCI, Storage, Hardware
- Webcasts 2008-02-13
- What Every Retail CIO Needs to Know About PCI Compliance and Secure Seamless Mobility
- Concerns about security have prevented retailers from realizing the full return on their investments in wireless technology. Fortunately, retailers are not forced into a trade-off between the efficiency of wireless technology and the enhanced security of wired networks. It is in fact possible to protect the wireless networks of retailers...
- Tags: PCI, Mobility, Wi-Fi, Wireless
- White papers 2008-02-01
- Meeting PCI DSS Merchant Requirements With a WatchGuard Firebox
- The goal of the Payment Card Industry Data Security Standard (PCI DSS) is to create a framework for good security practice around the handling of cardholder data. A PCI-compliant operating environment is one in which the cardholder data exists (i.e., it does NOT refer to the whole corporate network), and...
- Tags: PCI, Storage, Hardware
- White papers 2008-02-01
- Pragma Systems: Using SSH for PCI Compliance
- The objective of this paper is to examine the federal and industry regulatory environment and to analyze the benefits of utilizing Secure Shell (SSH) in achieving PCI compliance. In addition, it reviews the role Pragma Systems, Inc. and its FortressSSH product can play in a robust, secure computing environment. In...
- Tags: Payment, SSH, Pragma Systems, PCI, Operational Accounting, Storage, Hardware, Finance
- White papers 2008-01-18
- Continuous File Integrity Monitoring: A New Approach for PCI DSS Compliance
- When it comes to IT infrastructure, a strong compliance posture requires two key components: trusted state and safe change actions. Payment Card Industry Data Security Standard (PCI DSS) compliance, in particular, highlights the need for safe change actions. File Integrity Monitoring (FIM) is the capability to monitor files and directories...
- Tags: Compliance, Monitoring, Solidcore Systems, File Integrity Monitoring, PCI, Storage, Hardware
- White papers 2008-01-07
- PCI Compliance Cost Analysis: A Justified Expense
- The Payment Card Industry Data Security Standard (PCI-DSS) was created by the credit card companies and is intended to protect cardholder data wherever it resides, ensuring that merchants and service providers maintain the highest degree of information security for their customers. While the standard is meant to have a positive...
- Tags: Analysis, Merchant, Solidcore Systems, PCI, Storage, Hardware
- White papers 2007-12-12
- PCI Policy Compliance Using Information Security Policies Made Easy
- Many organizations are building or updating written information security policies in response to the newly updated Payment Card Industry Data Security Standard (PCI-DSS). Written information security policies are fundamental to an effective information security program and required for compliance with many frameworks and regulations, including PCI, HIPAA, COBIT and many...
- Tags: Information Security, Compliance, Information Shield, PCI, Security, Storage, Hardware
- White papers 2007-12-10
- Employing IBM Database Encryption Expert to Meet Encryption and Access Control Requirements for the Payment Card Industry Data Security Standards (PCI DSS)
- In 2004, Visa USA, MasterCard International, American Express and Discover aligned their individual data protection programs to create the Payment Card Industry Data Security Standard (PCI DSS, or PCI). This alignment in standards provided an industry-wide framework that complemented each brand's individual security policies - MasterCard's Site Data Protection program...
- Tags: Visa Inc., Card, Database, Payment, Industry, Access Control, Encryption, Standards, IBM Corp., PCI, Security, Storage, Hardware
- White papers 2007-12-01
- Minimize the Burden of PCI Section 3: A New Approach to Credit Card Encryption
- Encryption represents one of the most important mandates for PCI compliance - and it also represents one of the most difficult requirements to implement successfully and cost effectively. This paper describes a new approach to managing encrypted data that significantly strengthens an organization's security posture, while minimizing the cost and...
- Tags: Credit Card, Paymetric, Encryption, PCI, Security, Storage, Hardware
- White papers 2007-12-01