Before we begin, there’s one thing to make very, very clear: You cannot outsource ALL compliance! I do not care what some vendor says. No single service makes you compliant. Only you can make you compliant. While vendors can take you most, if not all the way to compliance. You must still confirm their compliance […]
Multi-factor authentication (MFA) is a tried and true technology that rarely incites debate. How then did MFA became a hotly debated topic at the PCI Standards Council North American Community Meeting? The answer is a classic clash of theory and reality.
Anitian’s Workbook for PCI Compliance in the AWS Cloud takes the guesswork out of making your AWS infrastructure PCI DSS compliant.
The new PCI 3.0 introduces a subtle, but important new requirement for addressing security authentication and session management for web applications.
The Target breach has ignited a firestorm of debate over the efficacy of the PCI-DSS. The problem with the PCI-DSS is not the standard, but a deeply flawed an corrupted assessment process.
Anitian analyzes the new requirements to the PCI DSS 3.0
I find your lack of a scope of compliance disturbing.