Comments on: PCI Extends Its Reach to Application Security http://www.veracode.com/blog/2007/09/pci-extends-its-reach-to-application-security/ Application security testing, analysis, and metrics Tue, 15 May 2012 22:16:53 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: coder http://www.veracode.com/blog/2007/09/pci-extends-its-reach-to-application-security/comment-page-1/#comment-2288 coder Tue, 21 Oct 2008 04:53:57 +0000 http://www.veracode.com/blog/?p=63#comment-2288 Item 6.6 may be mandatory, but you don't have to do it.... https://www.pcisecuritystandards.org/pdfs/infosupp_6_6_applicationfirewalls_codereviews.pdf Item 6.6 may be mandatory, but you don’t have to do it….
https://www.pcisecuritystandards.org/pdfs/infosupp_6_6_applicationfirewalls_codereviews.pdf

]]> By: Zero in a bit » WAF Better Than Code Review? Think Again. http://www.veracode.com/blog/2007/09/pci-extends-its-reach-to-application-security/comment-page-1/#comment-947 Zero in a bit » WAF Better Than Code Review? Think Again. Wed, 16 Apr 2008 02:00:35 +0000 http://www.veracode.com/blog/?p=63#comment-947 [...] is why I argued, a while back, that a WAF really should be considered a compensating control since it is more of a [...] [...] is why I argued, a while back, that a WAF really should be considered a compensating control since it is more of a [...]

]]> By: Network Security Blog » Network Security Podcast, Episode 78 http://www.veracode.com/blog/2007/09/pci-extends-its-reach-to-application-security/comment-page-1/#comment-697 Network Security Blog » Network Security Podcast, Episode 78 Sat, 05 Jan 2008 21:39:26 +0000 http://www.veracode.com/blog/?p=63#comment-697 [...] PCI Extends its reach to application security [...] [...] PCI Extends its reach to application security [...]

]]> By: Infosec Pals http://www.veracode.com/blog/2007/09/pci-extends-its-reach-to-application-security/comment-page-1/#comment-581 Infosec Pals Thu, 11 Oct 2007 04:14:03 +0000 http://www.veracode.com/blog/?p=63#comment-581 <strong>PCI Compliance to mandate Application Security Testing...</strong> Chris Eng has an excellent post on his observations from the PCI community meeting in Toronto. To quote from his blog entry at: http://www.veracode.com/blog/?p=63 Requirement 6.6 of the PCI-DSS becomes mandatory in June 2008 and requires all web-facing... PCI Compliance to mandate Application Security Testing…

Chris Eng has an excellent post on his observations from the PCI community meeting in Toronto. To quote from his blog entry at: http://www.veracode.com/blog/?p=63
Requirement 6.6 of the PCI-DSS becomes mandatory in June 2008 and requires all web-facing…

]]> By: Network Security Podcast, Episode 78 | securosis.com http://www.veracode.com/blog/2007/09/pci-extends-its-reach-to-application-security/comment-page-1/#comment-572 Network Security Podcast, Episode 78 | securosis.com Tue, 25 Sep 2007 23:11:32 +0000 http://www.veracode.com/blog/?p=63#comment-572 [...] PCI Extends its reach to application security [...] [...] PCI Extends its reach to application security [...]

]]> By: PCI DSS Compliance Demystified » Blog Archive » Community Meeting in Toronto http://www.veracode.com/blog/2007/09/pci-extends-its-reach-to-application-security/comment-page-1/#comment-570 PCI DSS Compliance Demystified » Blog Archive » Community Meeting in Toronto Tue, 25 Sep 2007 18:01:46 +0000 http://www.veracode.com/blog/?p=63#comment-570 [...] the PCI SSC Community Meeting in Toronto went very well.  Some people blogged about it. There is a great post about the future inclusion of PA-DSS into the PCI standard.  This is a long planned event that will take time to test and [...] [...] the PCI SSC Community Meeting in Toronto went very well.  Some people blogged about it. There is a great post about the future inclusion of PA-DSS into the PCI standard.  This is a long planned event that will take time to test and [...]

]]> By: The Ticking Time Bomb - PCI Application Security « Mark Curphey - SecurityBuddha.com http://www.veracode.com/blog/2007/09/pci-extends-its-reach-to-application-security/comment-page-1/#comment-569 The Ticking Time Bomb - PCI Application Security « Mark Curphey - SecurityBuddha.com Tue, 25 Sep 2007 08:35:33 +0000 http://www.veracode.com/blog/?p=63#comment-569 [...] morning I was reading an excellent post by Chris Eng about a recent PCI Council meeting he attended. Its’s surely hard for anyone to criticize the [...] [...] morning I was reading an excellent post by Chris Eng about a recent PCI Council meeting he attended. Its’s surely hard for anyone to criticize the [...]

]]> By: Liquidmatrix Security Digest » Security Briefing: September 21st http://www.veracode.com/blog/2007/09/pci-extends-its-reach-to-application-security/comment-page-1/#comment-567 Liquidmatrix Security Digest » Security Briefing: September 21st Fri, 21 Sep 2007 13:08:57 +0000 http://www.veracode.com/blog/?p=63#comment-567 [...] PCI Extends Its Reach to Application Security [...] [...] PCI Extends Its Reach to Application Security [...]

]]>