PCI DSS

All of the ciphers listed are Forward Secrecy (FS) enabled and are highly recommended. They work with pretty much everything you could possibly run into at…

May 4, 2017
5:29 pm
Reads:
2,327
Score:
5

How is managing user access to IT resources like managing customer access to movies at a megaplex theater? Both megaplex managers and IT managers must weigh the cost of enforcing access rules. Megaplex rules generally prohibit theater hopping, the practice of paying to see one movie, then sampling other movies in the megaplex for free….

Travis Greene
Apr 16, 2015
7:27 am
Reads:
2,383
Score:
Unrated

This package provides a script that will populate data into Sentinel 7 that can be used to demonstrate the PCI DSS reports. Instructions for using this package are below. README For Sentinel PCI DSS DEMO. Summary: This package provides a script that will populate data into Sentinel 7 that can be used to demonstrate…

By: jgassner
Oct 2, 2012
6:26 am
Reads:
2,297
Score:
Unrated

This file contains sample reports for the complete set of reports found in the Sentinel PCI Solution Pack (version 2011.1r1). Since the name of the sample report contains the PCI-DSS control number it relates to, this sample report bundle is a convenient way to show the functionality provided by the solution pack and how it…

By: jgassner
Sep 20, 2012
7:41 am
Reads:
2,146
Score:
Unrated

I attended the 2010 RSA Conference in San Francisco last week. As expected, one of the major themes resonating throughout the conference keynotes, sessions, and exhibit hall was the opportunity we have as security professionals to help secure increasingly virtualized and cloud-based infrastructures. More on that in my next blog. During the show, I attended…

Renee Bradshaw
Mar 12, 2010
10:40 am
Reads:
2,562
Score:
Unrated

Just read this from BankInfoSecurity, on the class action suit against Heartland with respect to the breach that occurred last year. What I think is interesting is that the statement by Bob Carr regarding PCI compliance and security is now apparently being used as a proof-point that Heartland knew their security was sub-standard: ‘In a…

By: GeoffWebb
Oct 7, 2009
5:38 am
Reads:
2,929
Score:
Unrated

This is a fascinating piece by Brian Prince at eWeek. It’s so interesting because it highlights two fundamental issues and areas of contention around both security and compliance and it does it very succinctly. First, there’s the omni-present undercurrent of discontent around compliance mandates such as PCI-DSS – probably best summed up in the sentiment…

By: GeoffWebb
Aug 6, 2009
9:02 am
Reads:
2,905
Score:
Unrated

Log management seems to be one of those topics that comes up whenever I get into a conversation about security challenges. It’s a constant thorn in the side for a lot of security teams, simply because every time you think you’ve nailed the problem down, it comes right back at you. I think log management…

By: GeoffWebb
Jun 3, 2009
11:17 am
Reads:
3,068
Score:
Unrated

Interop came to a close, and overall it was a good shot.  While the crowds may have been somewhat smaller, the enthusiasm for applying technology to solve problems is as strong as ever.  Between discussing what NetIQ is up to and offering commiserations for those to whom lady luck had not been kind (this was…

By: GeoffWebb
May 21, 2009
8:53 am
Reads:
2,871
Score:
Unrated

Ouch. This from SC Magazine – $12.6 Million in fines and other costs for Heartland as a result of their breach last year. Of course, the long-term costs are likely to be far higher than this initial round: “It’s still early to understand everything that’s going to impact the final total of what this will…

By: GeoffWebb
May 14, 2009
9:22 am
Reads:
3,254
Score:
Unrated