Are emailed credit card numbers in scope for PCI compliance?
Companies occasionally get sensitive credit card information (all information required to complete a purchase) via email or by telephone. As QSAs, we believe this is a security risk or, at the very least, poor practice and that it should be on top of mind. All...
What is a Web Application Penetration Testing?
Web application penetration testing means testing the security integrity of browser-based applications. All potentially vulnerable web-based services, including APIs and web interfaces, are checked. This is done by executing the same steps that malicious attackers...
Webinar Staying in Control with PCI DSS with Continuous Compliance
Speakers: Vincent Ossewaarde PCI QSA | CISSP | CISA | CEO - Fortytwo Security (English) Natalia Morando Compliance Specialist PCI DSS | Senior Security Consultant - Fortytwo...
PCI Continuous Compliance Service – The Benefits
PCI DSS Compliance comes in multiple parts. For some, the hardest part might seem to be the road to compliance, but in fact, we see many organizations struggling with remaining compliant: PCI DSS is not a single-use task that is done at a certain date but requires...
Webinar: How Cloud Technology can Simplify PCI DSS Compliance
Speakers:Vincent Ossewaarde PCI QSA | CISSP | CISA | CEO - Fortytwo Security (English)Natalia Morando Compliance Specialist PCI DSS | Senior Security Consultant - Fortytwo...
Penetration testing: What is the goal?
We explain why a penetration test is an essential security measure for any company Penetration testing may raise many questions in your team. Regularly, we get asked about the purpose of a Penetration test. A reasonable question because an unknown team of pentesters...