If you read nothing else this week, you need to read this posting by Daniel E. Geer, Jr., Sc.D.
If you are posting a comment, be patient, as the comments will not be published until they are approved.
If your organization has a PCI opportunity, is in need of assistance with a PCI issue or if you would like the PCI Guru to speak at your meeting, you can contact the PCI Guru at pciguru AT gmail DOT com.
I do allow vendors to post potential solutions in response to issues that I bring up in posts. However, the PCI Guru does not endorse any specific products, so "Caveat Emptor" - let the buyer beware. Also, if I feel that the response is too "sales-ee", I reserve the right to edit or not even authorize the response.
PCI Guru Search
PCI Guru Recent Posts
- Third Party Service Provider PCI Compliance
- The Council Issues A New Information Supplement
- Disaster Recovery And PCI
- iFrame Hack Reported
- Is The PCI DSS Even Relevant Any More?
- The NRF’s Collective Amnesia
- Just Had To Comment
- Heads Up – Changes To SAQ A
- Hold Your Horses
- Learning Moments From Security Conversations – Part 1
PCI Guru Top Posts
- One-, Two-, And Three-Factor Authentication
- PCI Compliance Scam? You Tell Me
- Network Segmentation – Take 2
- P2PE Versus E2EE
- The 'MPLS Is A Private Network' Debate
- Merchant, Service Provider Or Both?
- The Purpose Of Penetration Testing
- The Amazon Cloud And PCI Compliance
- In Scope versus Out of Scope
- PCI DSS v3 Requirement 10.6