Security Weekly Podcast Network (Video)
Technology
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, and which also has implications for application security. Specifically, PCI DSS 4.0 requires that by March 31, 2025, more testing of public-facing applications related to payment processing or other activities be considered “in scope” for compliance. Generally, any system that touches payment-card data is in scope for PCI DSS compliance, whether or not the system or function is public-facing. We'll talk through what organizations should have gotten done by March 31, 2024, and what needs to happen by March 31, 2025.
Segment Resources: https://info.obsglobal.com/pci-4.0-resources
Show Notes: https://securityweekly.com/psw-825
Nagios and Abandoned Projects, Hacking Trains (to Fix Them), OAuth Threats, 5Ghoul - ASW #267
Effective Security Strategy, Overlooked Leadership Attributes, and Fun Icebreakers - BSW #332
Santa, SEC, Google, Qakbot, VMWARE, AI, Turing, Voight-Kampff, Jason Wood, and more - SWN #350
Making Service Meshes Work for People - Idit Levine - ASW #267
Cyber Risk Management Starts with Risk Quantification - Padraic O'Reilly - BSW #332
Funding continues for early startups, cybersecurity isn't special, but pickleball is - ESW #343
Telemetry Data's Role in Cybersecurity - Tucker Callaway - ESW #343
The Pillars of Trust in Identity Verification - Rob O'Farrell - ESW #343
Tesla, TikTok, Karakurt, VISS, Cozy Bear, GambleForce, Aaran Leyland, and More - SWN #349
LogoFAIL, Default Passwords and Android Hacking - PSW #810
Embracing AI - Alex Sharpe - PSW #810
Prompt Injection Scanners, Better AI Jailbreaks, Purple Llama, Linux Kernel Security - ASW #266
Cybertruck, Viagra, Struts, Atlassian, Log4Shell, Pharmacies, Jason Wood, and More - SWN #348
The ABCs of RFCs - Heather Flanagan - ASW #266
The Impact of the New SEC Regulations on Cybersecurity - BSW #331
World's First CISO Dies as SEC Turns Up Enforcement on Cybersecurity - BSW #331
Holiday News Edition Featuring Special Guests - PSW #809
Vulnerability Management and Disclosure - PSW #809
Carbon Black's Solo Venture, Cybersecurity in Space, Rethinking Human Error, & More! - ESW #342
Q*, Unitronics, SLAM, Bluetooth, Cold Fusion, Google Drive, Aaran Leyland, and More - SWN #347
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast