PCI DSS Compliance can’t be bought
Standard: something considered by an authority or by general consent as a basis of comparison; an approved model. During my assessments of entities that are
The latest news and tips from Complior!
Boost your knowledge on compliance and cyber security.
What the PCI standard explicitly mandates about penetration testing is illustrated in Requirement 11.3. Learn about this, penetration testing and more
Tokenization replaces cardholder data with an “alias”, a separate, randomly generated value called a token. Learn more on the blog
A penetration test could be described as a simulated but realistic cyber attack that aims to determine how deep an attacker would be able to penetrate
When it comes to pen testing, it can always be roughly broken down into two core phases: scanning and exploiting
Reaching the milestone of PCI DSS compliance is a big thing – a great achievement – but staying compliant is the next challenge.
Even the most expensive equipment and sophisticated knowledge in the company aren’t enough to get you through the PCI-DSS compliance process.
The fact is that hotels tend to keep card data in several different places, all of them places where card data is vulnerable to theft and intrusions
During PCI DSS assessments, entities often mistakenly consider non-Cardholder Data Environment systems as out of scope. This includes CDE-connected systems like monitoring systems or product databases, which are crucial for maintaining security.
Achieving PCI DSS compliance involves several steps. Click to see the workflow in a visual overview and learn more about the process
Complior has renewed its certification as PCI DSS Level 1 service provider – a security standard with the purpose of protecting card data
This is the first of a series of PCI-DSS posts about the mutual relationship between a Cloud Service Provider (SP) and its customers