This book explains the payment card industry (PCI) security standards required for organizations storing, processing, or transmitting credit card holder information. This step-by-step guide outlines application development and implementation strategies for Payment Application Data Security Standard (PA-DSS) implementation and validation. It includes case studies and examples from a variety of industries, including banking, retail, outsourcing, software development, and processors. Focused on audit and assessment strategies, the book articulates specific compliance issues and covers the recently released PCI-DSS v 3.0.…mehr
This book explains the payment card industry (PCI) security standards required for organizations storing, processing, or transmitting credit card holder information. This step-by-step guide outlines application development and implementation strategies for Payment Application Data Security Standard (PA-DSS) implementation and validation. It includes case studies and examples from a variety of industries, including banking, retail, outsourcing, software development, and processors. Focused on audit and assessment strategies, the book articulates specific compliance issues and covers the recently released PCI-DSS v 3.0.Hinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.
Abhay Bhargav is the founder and chief technical officer of the we45 Group, a Bangalore based information security solutions company. He has extensive experience with information security and compliance, having performed security assessments for many enterprises in various domains, such as banking, software development, retail, telecom, and legal. He is a qualified security assessor (QSA) for the payment-card industry and has led several security assessments for payment-card industry compliance. He is also the coauthor of Secure Java for Web Application Development, published by CRC Press. Abhay is a specialist in Web-application security with broad experience in vulnerability assessment and penetration testing, and he has served as a consultant for a wide array of enterprises and governmental/quasi-governmental entities. He was recently awarded the prestigious SANS Certified GIAC Web Application Penetration Tester certification. He has been interviewed by leading media outlets for his expertise on information security, particularly application security. Links to the interviews are available here and here. Abhay is a regular speaker at industry events. He was a featured speaker at the JavaOne Conference in September 2010 at the Moscone Center in San Francisco. He also regularly speaks at OWASP (Open Web Application Security Project) conferences around the world, notably in New York at the world's largest application security conference, the OWASP AppSec Conference, in September 2008. He has also spoken at various other conferences and seminars, such as the PCI summit in Mumbai in December 2008. He is a regular speaker at industry events such as the Business Technology Summit and events organized by the Confederation of Indian Industry (CII). He has also delivered several talks to government entities and their stakeholders on information security and application security. He is also a trainer in information security and has led several public workshops on PCI, PA-DSS, and risk assessment. Abhay is well versed in risk assessment and risk management, with rich consulting experience in the OCTAVE(R) Risk Assessment and NIST SP 800-30 methodologies. His expertise also extends to providing solutions on information security based on the ISO-27001, HIPAA, SOX, GLBA, and other security-compliance standards. Previously, Abhay was the leader of application security and PCI compliance at SISA Information Security Pvt Ltd. Prior to that, he was involved in implementing enterprise IT solutions for various verticals, including manufacturing and retail. He has developed various business applications in Java and proprietary object-oriented program languages such as TDL. He has also written various articles on application security and security compliance. Apart from his professional interests, Abhay is also a trained Carnatic classical flutist and has delivered several concerts. He is also a theater enthusiast and playwright with an English comedy play to his writing credits. He blogs actively and maintains a security blog and a personal blog. He also writes a weekly article on computer education in a leading Kannada daily newspaper for the rural youth.
Inhaltsangabe
Payment-Card Industry: An Evolution. Card Anatomy: The Essentials. Security and the Payment-Card Industry. Payment Card Industry Data Security Standard (PCI-DSS). The Payment Application Data Security Standard (PA-DSS). Enterprise Approach to PCI Compliance. Scoping for PCI Compliance. Requirement 1: Build and Maintain a Secure Network. Requirement 2: Vendor-Supplied Defaults, System Passwords, and Security Parameters. Requirement 3: Protect Stored Cardholder Data. Requirement 4: Securing Cardholder Information in Transit. Requirement 5: Use and Regularly Update Antivirus Software. Requirement 6: Develop and Maintain Secure Systems. Requirement 7: Restrict Access to Cardholder Data by Business. Requirement 8: Access-Control Requirements for PCI Environments. Requirement 9: Restrict Physical Access to Cardholder Data. Requirement 10: Logging and Monitoring for the PCI Standards. Requirement 11: Security Testing for the PCI Environment. Requirement 12: Information Security Policies and Practices for PCI Compliance. Beyond PCI Compliance.
Payment-Card Industry: An Evolution. Card Anatomy: The Essentials. Security and the Payment-Card Industry. Payment Card Industry Data Security Standard (PCI-DSS). The Payment Application Data Security Standard (PA-DSS). Enterprise Approach to PCI Compliance. Scoping for PCI Compliance. Requirement 1: Build and Maintain a Secure Network. Requirement 2: Vendor-Supplied Defaults, System Passwords, and Security Parameters. Requirement 3: Protect Stored Cardholder Data. Requirement 4: Securing Cardholder Information in Transit. Requirement 5: Use and Regularly Update Antivirus Software. Requirement 6: Develop and Maintain Secure Systems. Requirement 7: Restrict Access to Cardholder Data by Business. Requirement 8: Access-Control Requirements for PCI Environments. Requirement 9: Restrict Physical Access to Cardholder Data. Requirement 10: Logging and Monitoring for the PCI Standards. Requirement 11: Security Testing for the PCI Environment. Requirement 12: Information Security Policies and Practices for PCI Compliance. Beyond PCI Compliance.
Es gelten unsere Allgemeinen Geschäftsbedingungen: www.buecher.de/agb
Impressum
www.buecher.de ist ein Internetauftritt der buecher.de internetstores GmbH
Geschäftsführung: Monica Sawhney | Roland Kölbl | Günter Hilger
Sitz der Gesellschaft: Batheyer Straße 115 - 117, 58099 Hagen
Postanschrift: Bürgermeister-Wegele-Str. 12, 86167 Augsburg
Amtsgericht Hagen HRB 13257
Steuernummer: 321/5800/1497
USt-IdNr: DE450055826