PCI Quick Tips

Posted: November 12th, 2010

Do: Encrypt cardholder data. Use products that are approved for the PCI standard. Understand the concept of compensating controls.


Preparing for New PCI Standards

Posted: August 16th, 2010

According to CSP Daily News, the PCI Security Standards Council has just introduced the plan for Version 2.0 of its PCI standards, which are due to take effect in October of 2010. Version 2.0 of PCI DSS and PA-DSS do not introduce any major new requirements. Key updates, clarifications and guidance include:


Cloak and Dagger Security: Hide and Protect your Server

Posted: March 22nd, 2010

Typically, the first step on the road to hacking a particular site is knowing all there is to know about that site, including what type of server it is hosted on. Server anonymization is a method of enhancing the security of a host by removing the ability of hackers and other intruders to get identifying […]


PCI DSS 6.5.6

Posted: January 20th, 2010

Information Leakage and Improper Error Handling

Information leakage and improper error handling happen when web applications do not limit the amount of information they return to their users. Web applications have the potential of leaking information about the version of web server (IIS, Apache, etc.) you are running, operating system, patch levels, and name and […]
