NSS Labs to focus research on PCI technologies

Article

NSS Labs to focus research on PCI technologies

Neil Roiter, Senior Technology Editor, Information Security magazine

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

NSS Labs, well known for its security product testing and certification program, recently launched its PCI Suitability service. Merchants--from global giants to small retailers--are faced with difficult buying decisions, as they determine what technologies they need to deploy to comply with PCI-DSS. Smaller companies, in particular, need to evaluate products like intrusion prevention systems and Web application firewalls that might not have gotten serious budget consideration before PCI. In this podcast, NSS' president Rick Moy talks about the information that the PCI Suitability reports provide and how companies can use that information to help them make informed buying decisions.

  NSS Labs to focus on PCI technologies: 

  Program Links: 

  • PCI group addresses assessor issues, vendor challenges: David Taylor of the PCI Security Vendor Alliance, discusses the challenges PCI presents, the newly created PCI Knowledge Base and how the group can help both vendors and companies.

  • How to apply ISO 27002 to PCI DSS compliance: The Payment Card Industry Data Security Standard may be fairly straightforward, but it's lacking in defining the processes that will ultimately lead to PCI DSS compliance.

  • Understanding PCI DSS compensating controls: By-the-book PCI DSS compliance scores big points with auditors, but abiding by all the regulations and requirements is a tall order in many organizations.

  • Report: Companies still stumped by PCI DSS: A VeriSign review of PCI Data Security Standard (PCI DSS) assessments it conducted found that more than half were still stumbling on the path to compliance.

  • PCI portal aims compliance guidance at smaller merchants: PCI Knowledge Base aims to build a problem-solving community for merchants that can't afford hefty consulting fees.

  • Information Security podcasts: Visit SearchSecurity's podcast archive.