PCI penetration testing guide
Things just got real for companies that need to comply with PCI requirements. Not only is PCI v3.2 mandated, the PCI Standards Security Council has issued guidance on using penetration testing as part of vulnerability-management programs.
In April 2016, the Payment Card Industry Security Standards Council (PCI SSC) released PCI Data Security Standard (PCI DSS) version 3.2. With the updates came clarification to requirements, additional guidance, and seven additional new requirements.
To address issues related to cardholder data breaches and protect against existing exploits, PCI DSS v.3.2 includes various changes, most of which are specific to service providers. This includes new penetration testing requirements that now require segmentation testing for Service Providers to now be performed at least every six months or after any significant changes to segmentation controls/methods. In addition, there are several requirements to ensure that service providers are continuously monitoring and maintaining critical security controls throughout the year.
- 攻守道:企業(yè)數(shù)字業(yè)務(wù)安全風(fēng)險與防范
- INSTANT Burp Suite Starter
- 暗戰(zhàn)亮劍:黑客滲透與防御全程實錄
- 開發(fā)者的Web安全戒律:真實威脅與防御實踐
- 深入淺出隱私計算:技術(shù)解析與應(yīng)用實踐
- Preventing Digital Extortion
- 解密數(shù)據(jù)恢復(fù)
- 情報驅(qū)動應(yīng)急響應(yīng)
- 先進云安全研究與實踐
- 數(shù)據(jù)保護:工作負載的可恢復(fù)性
- 實用黑客攻防技術(shù)
- 網(wǎng)絡(luò)服務(wù)安全與監(jiān)控
- 網(wǎng)絡(luò)安全實戰(zhàn)詳解(企業(yè)專供版)
- CPK通向賽博安全之路:理論與實踐CPK Solution to Cyber Security:Theory and Practice
- 大中型網(wǎng)絡(luò)入侵要案直擊與防御