[Owasp-ireland] PCI, Clarifications made for Penetration Testing and Code Review and Application Firewall

Denis Carmody denis.carmody at gmail.com
Tue Apr 22 17:31:31 EDT 2008


The full PCI Security Council press release is available at the following
link, https://pcisecuritystandards.org/pdfs/04-22-08.pdf

WAKEFIELD, Mass., April 22, 2008 — The PCI Security Standards Council, a
global, open
industry standards body providing management of the Payment Card Industry
Data Security
Standard (DSS), PCI PIN Entry Device (PED) Security Requirements and the
Payment
Application Data Security Standard (PA-DSS), today announced the
availability of two
Information Supplements providing further clarification for PCI DSS
requirement 11.3, regarding
penetration testing, and Requirement 6.6, regarding application code review
and application
firewalls.
Both of these information supplements provide guidance to help merchants and
service providers meet these two requirements in support of their PCI DSS
compliance efforts.

Both information supplements are now available on the Council's website at
https://www.pcisecuritystandards.org/pdfs/infosupp_6_6_applicationfirewalls_codereviews.pdf
https://www.pcisecuritystandards.org/pdfs/infosupp_11_3_penetration_testing.pdf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-ireland/attachments/20080422/bf944fb0/attachment.html 


More information about the Owasp-ireland mailing list