[Owasp-brazilian] Few expected to make June 30 PCI deadline for Web application security

Marcos Aurelio Rodrigues deigratia33 at gmail.com
Mon May 19 07:33:46 EDT 2008


Pra quem acha que so Brasileiro que deixa as coisas pra ultima hora...

May 12, 2008 (Computerworld) Retailers covered by the Payment Card Industry
Data Security Standard (PCI-DSS) have just about a month and a half left to
comply with new requirements for protecting Web applications. But as with
previous PCI-related deadlines, this one appears destined to pass with a
majority of merchants unlikely to be in full compliance.

After June 30, all merchants accepting payment card transactions will be
expected to either use a specialized firewall for protecting their Web
applications or to have completed a Web application software code review for
finding and fixing vulnerabilities in these applications. Companies that
fail to implement either measure will be deemed to be out of compliance with
PCI starting June 30.

"Most of our clients are not going to be ready," by that deadline, said Avivah
Litan<http://www.computerworld.com/action/inform.do?command=search&searchTerms=Avivah+Litan>,
an analyst at Stamford, Conn.-based Gartner
Inc.<http://www.computerworld.com/action/inform.do?command=search&searchTerms=Gartner+Inc.>"We
are amazed at how many companies are still only learning their way
around the requirements" and what they call for, Litan said.

...

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9085038&pageNumber=1


-- 
========================================
Marcos Aurelio Rodrigues (DEiGrAtiA-33)
<deigratia33 at gmail.com>
CCNA, MCSO, Security+
Mirabilia laudo semprer, Dei
========================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-brazilian/attachments/20080519/e6165baf/attachment.html 


More information about the Owasp-brazilian mailing list