This should no longer be used for PCI scoping exercises but is provided here for reference and historical purposes. Everyone should be using the PCI SSC Information Supplement on Scoping and Network Segmentation.
Announcements
If you are posting a comment, be patient, as the comments will not be published until they are approved.
If your organization has a PCI opportunity, is in need of assistance with a PCI issue or if you would like the PCI Guru to speak at your meeting, you can contact the PCI Guru at pciguru AT gmail DOT com.
I do allow vendors to post potential solutions in response to issues that I bring up in posts. However, the PCI Guru does not endorse any specific products, so "Caveat Emptor" - let the buyer beware. Also, if I feel that the response is too "sales-ee", I reserve the right to edit or not even authorize the response.
PCI Guru Search
PCI Guru Recent Posts
- PCI Dream Team LIVE! Is Coming In October
- Last PCI DSS v4 Request For Comments Period
- Same Dream Team, New Venue
- April 2021 Assessor Newsletter
- No 2021 Community Meetings
- There Will Be No PCI DSS v4
- PCI Dream Team at Secure360 2021
- Quick Update on PCI DSS v4
- Quick Hits From PCI Dream Team Session 10
- Network Segmentation Testing
PCI Guru Top Posts
- PCI Dream Team LIVE! Is Coming In October
- Pre-Authorization And Post-Authorization (Part 1)
- About
- One-, Two-, And Three-Factor Authentication
- Issuers and Financial Institutions
- Network Segmentation Testing
- Quick Update on PCI DSS v4
- PCI Compliance Scam? You Tell Me
- Post Series References
- PCI Scoping Tool
Blogroll
- Anton Chuvakin Blog – "Security Warrior"
- Chip and PIN Blog
- Froud On Fraud
- Herjavec Group Blog
- Krebs On Security
- Nige The Security Guy
- NuArx Blog
- Online Business Systems Blog
- PCI DSS News And Information
- PCI France
- Postmodern Security
- PYMNTS.com
- SANS Cloud Blog
- Shift4 4titude Blog
- Ultra Secure Network Architecture
Professional Organizations
- Carnegie Mellon University CERT Division
- ETA's Encyclopedia Of Terminology
- Information Systems Audit and Control Association (ISACA)
- Information Systems Security Association (ISSA)
- InfraGard
- NIST Computer Security Resource Center
- PCI Security Standards Council
- US Department of Homeland Security CERT
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | 31 | |||||
