PCI Set to Ban SSL Protocol

Update The PCI SSC published version 3.1 of the PCI DSS on April 15th, 2015, effectively immediately. As Anitian anticipated, the new version of the DSS states that both “SSL and early TLS are not considered strong cryptography and cannot be used as a security...

Can Security Analytics Replace Humans?

In a recent series on this blog, we reflected on the growing market for Security Analytics technologies. Over the past few months, we have been continuing this discussion with practitioners and leaders in the industry. One question that many have asked is: “Can we...
PCI 3.0 Secure Authentication Requirement

PCI 3.0 Secure Authentication Requirement

The new PCI-DSS 3.0 has introduced a number of new requirements. While some of the changes like penetration testing are getting most of the attention, there are numerous less obvious updates that are equally important. One of the new requirements that is that flying...