This should no longer be used for PCI scoping exercises but is provided here for reference and historical purposes. Everyone should be using the PCI SSC Information Supplement on Scoping and Network Segmentation.
Announcements
If you are posting a comment, be patient, as the comments will not be published until they are approved.
If your organization has a PCI opportunity, is in need of assistance with a PCI issue or if you would like the PCI Guru to speak at your meeting, you can contact the PCI Guru at pciguru AT gmail DOT com.
I do allow vendors to post potential solutions in response to issues that I bring up in posts. However, the PCI Guru does not endorse any specific products, so "Caveat Emptor" - let the buyer beware. Also, if I feel that the response is too "sales-ee", I reserve the right to edit or not even authorize the response.
PCI Guru Search
PCI Guru Recent Posts
- Join Me On September 3
- PCI Dream Team Is Back On BrightTalk
- The Security/Compliance Disconnect
- The 2020 PCI Community Meetings Go Virtual
- DevOps And PCI – Part 2
- DevOps And PCI – Part 1
- The Last (Hopefully) Scoping Discussion
- Upcoming PCI Dream Team Events
- The Joke That Is SAQ A
- Surprise! PCI Largely Ignores Disaster Recovery
PCI Guru Top Posts
- One-, Two-, And Three-Factor Authentication
- PCI Compliance Scam? You Tell Me
- Ultra Secure Network Architecture
- Network Segmentation Testing
- Third Party Service Provider PCI Compliance
- In Scope versus Out of Scope
- Links To Card Brand Security Programs
- Work From Home PCI Considerations
- Disaster Recovery And PCI
- DevOps And PCI – Part 1
Blogroll
- Anton Chuvakin Blog – "Security Warrior"
- Chip and PIN Blog
- Froud On Fraud
- Herjavec Group Blog
- Krebs On Security
- Nige The Security Guy
- NuArx Blog
- Online Business Systems Blog
- PCI DSS News And Information
- PCI France
- Postmodern Security
- PYMNTS.com
- SANS Cloud Blog
- Shift4 4titude Blog
- Ultra Secure Network Architecture
Professional Organizations
- Carnegie Mellon University CERT Division
- ETA's Encyclopedia Of Terminology
- Information Systems Audit and Control Association (ISACA)
- Information Systems Security Association (ISSA)
- InfraGard
- NIST Computer Security Resource Center
- PCI Security Standards Council
- US Department of Homeland Security CERT
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | ||||
