Security Weekly Podcast Network (Video)
Technology
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, and which also has implications for application security. Specifically, PCI DSS 4.0 requires that by March 31, 2025, more testing of public-facing applications related to payment processing or other activities be considered “in scope” for compliance. Generally, any system that touches payment-card data is in scope for PCI DSS compliance, whether or not the system or function is public-facing. We'll talk through what organizations should have gotten done by March 31, 2024, and what needs to happen by March 31, 2025.
Segment Resources: https://info.obsglobal.com/pci-4.0-resources
Show Notes: https://securityweekly.com/psw-825
Security in Wrenches, Vulns in Atlassian and GitLab, 2023's Top Web Hacking Tricks - ASW #270
Dealing with the Burden of Bad Bots - Sandy Carielli - ASW #270
Say Easy, Do Hard, Hiring a CISO, Part 2 - BSW #335
Google, Pax, LeftOverlocals, Mint Sandstorm, DJI, Colossus, Aaran Leyland, and More - SWN #355
Dogs, AI, and Gyrogears (it's a slow security news week) - ESW #346
Creating Trust in Biometric Authentication for Identity Verification - Sabrina Gross - ESW #346
Bigpanzi, PixieFAIL, Dark Xmas - PSW #813
K-12 Cybersecurity - Brian Stephens - PSW #813
Atari 400, Gitlab, Sonicwall, Juniper, Stats, Ivanti, Sharepoint, Jason Wood and More - SWN #354
Communicating Technical Topics Without Being Boring - Eve Maler - ASW #269
Say Easy, Do Hard, Hiring a CISO, Part 1 - BSW #334
Funding, acquisitions, AI, CES, and dumpster fires kick off security for 2024! - ESW #345
Smart Cars, Microsoft, Layoffs, PyTorch, Mandiant, SEC, Aaran Leyland, and More News - SWN #353
The Pros and Cons of Building a Security Business Around Open Source - Ev Kontsevoy - ESW #345
Predicting GenAI Threats and Concerns in 2024 - Greg Notch - ESW #345
We're Old Now - PSW #812
The Evolution of Purple Teaming - Jared Atkinson - PSW #812
23andMe Blames Users, Abusing Google's OAuth2, Rustls Performance, AI Goes OSINT - ASW #268
Jobs, QNAP, NIST, Spectral Blur, Stuxnet, Swatting, Volkswagen, Jason Wood - SWN #352
What's in Store for 2024? - ASW #268
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast