What should I be logging in Windows to pass PCI DSS assessment v3.0? – this and similar questions come up rather often when it comes to fulfilling Section 10 of PCI DSS v3.0. In Part 1, we are looking at… Continue Reading
Group to collect study materials and connect people studying for all CISSP Concentrations: ISSAP, ISSEP, ISSMP. All in one place. Easy to access. Join HERE.
Robust, reliable and scalable Log Management requires a huge effort from all companies trying to achieve and maintain PCI DSS compliance. PCI DSS v3 mandates the following requirements for all devices located in the Cardholder Data Environment: 10.1 Implement audit… Continue Reading
Any reputable IT accreditation (think CISSP, CISA, GIAC) comes with an ongoing, annual maintenance effort, usually in a form of the Continuing Professional Education (‘CPE’) credits. Typically, an individual holding such certification is required to gather minimum 20 CPEs per… Continue Reading
“Get the ‘must know’ details about PCI DSS 3.0 from one of the original authors of PCI DSS 1.0. PCI expert, Didier Godart, explains: Which changes are most significant? How the changes will impact you & what actions you need… Continue Reading
Following the recent security breach at Target, which affected 40 millions customers; ISC2 raised a question, whether PCI DSS is still current and adequately protects cardholder data. I strongly believe that it does protect cardholder data, if it’s enforced properly throughout… Continue Reading
The market of Qualified Security Assessors (‘QSAs’) has grown rapidly since the introduction of PCI DSS version 1.0 back in 2005. The article aims to help companies to pick the right QSA. 1. Focus your search on individuals you would… Continue Reading
During my CISSP-ISSAP studies, I put together a mindmap of all areas, which need to be covered during the CISSP-ISSAP exam. Feel free to review/amend it as you wish. The mindmap was created in the Mindjet MindMap Manager. Download PDF… Continue Reading
For those, who are ISC(2) accredited (SSCP, CAP, CSSLP, CISSP, ISSAP, ISSMP, ISSEP, CCFP, HCISPP), there is a free OWASP Top 10 Course offered. It provides a very comprehensive overview of TOP 10 vulnerabilities and mitigation controls. Log in to the… Continue Reading
As pure-payment protection, it offers undeniably higher levels of security and intuitive customer experience LONDON, Aug. 12, 2013 /PRNewswire/ — With the explosion in smartphones usage, the number of payments done via mobile devices has significantly… Continue Reading