Security Weekly Podcast Network (Video)
Technology
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, and which also has implications for application security. Specifically, PCI DSS 4.0 requires that by March 31, 2025, more testing of public-facing applications related to payment processing or other activities be considered “in scope” for compliance. Generally, any system that touches payment-card data is in scope for PCI DSS compliance, whether or not the system or function is public-facing. We'll talk through what organizations should have gotten done by March 31, 2024, and what needs to happen by March 31, 2025.
Segment Resources: https://info.obsglobal.com/pci-4.0-resources
Show Notes: https://securityweekly.com/psw-825
ToddleShark, Zeek, Stuxnet revisited, ICS, AMEX, Apple, Change, Josh Marpet, and More - SWN #366
The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275
SAML & Secrets, Serializing AI Models, OWASP ISTG, More Memory Safety - ASW #275
Security Starts At The Top and as CISOs Struggle, do they replace the CIO? - BSW #340
The Convergence of Security, Compliance, and Risk - Igor Volovich - BSW #340
Clueless pols, Lazarus, Ubiquity, UAMPQP, BlackCat, Airlines, Aaran Leyland and More - SWN #365
Funding goes quiet while M&A makes some noise! - ESW #351
Hacktivism Unveiled: Insights into the Footprints of Hacktivists - Pascal Geenens - ESW #351
Malware In Strange Places, Overheating, LockBit - PSW #818
Social Engineering: AI & Living Off The Land - Jayson E. Street - PSW #818
PrintListener, Post-Quantum Crypto in iMessage, Silent Sabotage, Rust Survey Results - ASW #274
Avast, Hadoop & Druid Servers, HackerGPT, Apple, Crowdstrike, EFF Lockbit, & More - SWN #364
Creating the Secure Pipeline Verification Standard - Farshad Abasi - ASW #274
How Application Performance Transformed into Application Security - Shibu George - BSW #339
The Unique Challenges of AI Risks - Padraic O'Reilly - BSW #339
Two-Factor Authentication - SWN Vault
Threat Intelligence & Threat Hunting - Chris Cochran - ESW Vault
Illuminating Cybersecurity Wisdom: Insights from a Thought Leader - Wendy Nather - PSW Vault
Redefining Threat Modeling - Security Team Goes on Vacation - Jeevan Singh - ASW Vault
Back to School: Networking 101 - SWN Vault
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Acquired