PCI-DSS and Vulnerability Management

On August 1, 2015, I presented on a known security standard for credit cards. The Payment Card Industry Data Security Standard (PCI-DSS) is a standard used to protect the data of merchants and banks that utilize the credit card facility.

There are 12 requirements of PCI-DSS. I focused my presentation on the vulnerability management side since I handled the vulnerability assessment (VA) in my previous work.

For the demo, I used the trial version of the Acunetix vulnerability scanner. I used the test website and verified one of the vulnerabilities (sending data in cleartext), exploiting it by using Wireshark.

My presentation can be found here: PCI_MSORMAN.
