Security Weekly Podcast Network (Video)
Technology
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, and which also has implications for application security. Specifically, PCI DSS 4.0 requires that by March 31, 2025, more testing of public-facing applications related to payment processing or other activities be considered “in scope” for compliance. Generally, any system that touches payment-card data is in scope for PCI DSS compliance, whether or not the system or function is public-facing. We'll talk through what organizations should have gotten done by March 31, 2024, and what needs to happen by March 31, 2025.
Segment Resources: https://info.obsglobal.com/pci-4.0-resources
Show Notes: https://securityweekly.com/psw-825
Arg Parsing in Rust, End of Life Hardware, CSRB & MS, Chrome’s V8 Sandbox - ASW #281
Duo, Steganography, Roku, Palo Alto, Putty, Cerebral, IPOs, SanDisk, & Josh Marpet - SWN #378
Demystifying Security Engineering Career Tracks - Karan Dwivedi - ASW #281
Generative AI Legal Challenges as SEC Charges Disrupt Journey to CISO Role - BSW #346
From Idea to Success: How to Operationalize a Startup from Zero to Exit - Seth Spergel - BSW #346
Combadges, SISENSE, Microsoft, CISA, Lastpass, Palo Alto, Broadband, Aaran and More - SWN #377
The AI-est news segment ever, now with even more AI! - ESW #357
Why Is Your TV & NAS On The Internet? - PSW #824
Understanding KillNet and Recent Waves of DDoS Attacks - Michael Smith - ESW #357
Digging Into Supply Chain Security - James McMurry - PSW #824
OWASP Breach, Types of Prompt Injection, Device-Bound Sessions, ASVS & APIs - ASW #280
Dronepocalypse, Microsoft, DLINK, Home Depot, Phishing, NIST, VenomRat, Josh Marpet - SWN #376
Lessons That The XZ Utils Backdoor Spells Out - Farshad Abasi - ASW #280
Understanding the Cybersecurity Ecosystem, Part 2 - Ross Haleliuk - BSW #345
Understanding the Cybersecurity Ecosystem, Part 1 - Ross Haleliuk - BSW #345
SEXi, Powerhost, Acuity, Layerslider, JSOutProx, Byakugan, Josh Marpet, and More - SWN #375
Have you heard about AI? Lots of AI news. Also, RSA conference, and RooBadges! - ESW #356
Getting Vulnerability Management Back on the Rails - Patrick Garrity - ESW #356
It's A Minifilter! - PSW #823
XZ - Backdoors and The Fragile Supply Chain - PSW #823
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Acquired