Abhay Bhargav

PCI Compliance (eBook, ePUB)

The Definitive Guide

• Format: ePub

Produktbeschreibung

Although organizations that store, process, or transmit cardholder information are required to comply with payment card industry standards, most find it extremely challenging to comply with and meet the requirements of these technically rigorous standards. PCI Compliance: The Definitive Guide explains the ins and outs of the payment card industry (

---

Dieser Download kann aus rechtlichen Gründen nur mit Rechnungsadresse in A, B, BG, CY, CZ, D, DK, EW, E, FIN, F, GR, HR, H, IRL, I, LT, L, LR, M, NL, PL, P, R, S, SLO, SK ausgeliefert werden.

Produktdetails

• Verlag: Taylor & Francis
• Seitenzahl: 351
• Erscheinungstermin: 5. Mai 2014
• Englisch
• ISBN-13: 9781498759991
• Artikelnr.: 44366244

Autorenporträt

Abhay Bhargav is the founder and chief technical officer of the we45 Group, a Bangalore based information security solutions company. He has extensive experience with information security and compliance, having performed security assessments for many enterprises in various domains, such as banking, software development, retail, telecom, and legal. He is a qualified security assessor (QSA) for the payment-card industry and has led several security assessments for payment-card industry compliance. He is also the coauthor of Secure Java for Web Application Development, published by CRC Press.

Abhay is a specialist in Web-application security with broad experience in vulnerability assessment and penetration testing, and he has served as a consultant for a wide array of enterprises and governmental/quasi-governmental entities. He was recently awarded the prestigious SANS Certified GIAC Web Application Penetration Tester certification. He has been interviewed by leading media outlets for his expertise on information security, particularly application security. Links to the interviews are available here and here.

Abhay is a regular speaker at industry events. He was a featured speaker at the JavaOne Conference in September 2010 at the Moscone Center in San Francisco. He also regularly speaks at OWASP (Open Web Application Security Project) conferences around the world, notably in New York at the world's largest application security conference, the OWASP AppSec Conference, in September 2008. He has also spoken at various other conferences and seminars, such as the PCI summit in Mumbai in December 2008. He is a regular speaker at industry events such as the Business Technology Summit and events organized by the Confederation of Indian Industry (CII). He has also delivered several talks to government entities and their stakeholders on information security and application security. He is also a trainer in information security and has

Inhaltsangabe

Payment-Card Industry: An Evolution. Card Anatomy: The Essentials. Security
and the Payment-Card Industry. Payment Card Industry Data Security Standard
(PCI-DSS). The Payment Application Data Security Standard (PA-DSS).
Enterprise Approach to PCI Compliance. Scoping for PCI Compliance.
Requirement 1: Build and Maintain a Secure Network. Requirement 2:
Vendor-Supplied Defaults, System Passwords, and Security Parameters.
Requirement 3: Protect Stored Cardholder Data. Requirement 4: Securing
Cardholder Information in Transit. Requirement 5: Use and Regularly Update
Antivirus Software. Requirement 6: Develop and Maintain Secure Systems.
Requirement 7: Restrict Access to Cardholder Data by Business. Requirement
8: Access-Control Requirements for PCI Environments. Requirement 9:
Restrict Physical Access to Cardholder Data. Requirement 10: Logging and
Monitoring for the PCI Standards. Requirement 11: Security Testing for the
PCI Environment. Requirement 12: Information Security Policies and
Practices for PCI Compliance. Beyond PCI Compliance.