Security Weekly Podcast Network (Video)
Technology
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, and which also has implications for application security. Specifically, PCI DSS 4.0 requires that by March 31, 2025, more testing of public-facing applications related to payment processing or other activities be considered “in scope” for compliance. Generally, any system that touches payment-card data is in scope for PCI DSS compliance, whether or not the system or function is public-facing. We'll talk through what organizations should have gotten done by March 31, 2024, and what needs to happen by March 31, 2025.
Segment Resources: https://info.obsglobal.com/pci-4.0-resources
Show Notes: https://securityweekly.com/psw-825
The New BISO Role – A Career Path to CISO? - BSW Vault
Batman, Microsoft, War Driving, OpenAI, DevDrive, The Dead, Aaran Leyland, and More - SWN #363
Pretending to be Batman, self-destructing USB drives, and controlling your dreams - ESW #350
Material: cybersecurity word of the year, thanks to the SEC - Amer Deeba - ESW #350
Navigating the Cybersecurity Frontier: Insights from a Seasoned Professional - Toby Miller - PSW #817
Panel: Physical Security and Social Engineering - PSW #817
Proactive Compliance, Improving Cybersecurity Culture, and Hiring The Right Skills - BSW #338
Creating Code Security Through Better Visibility - Christien Rioux - ASW #273
LLMs & Security Tools, Shim Vuln, AI Threat Models, Configuration as Code with Pkl - ASW #273
Angry mobs, Azure, Avanti, Rhysida, Warzone, Flipper Zero, Josh Marpet, and More - SWN #362
Fake IDs threaten ID verification services, PANW hits $100B valuation, and other news - ESW #349
RoboJoe, SHIM, Fortinet, FaceOff, Simswap, sudo in Windows, Aaran Leyland, and More - SWN #361
Shim Shady and Algorithm Lovers - PSW #816
Zero-Trust is Meaningless if Your Cryptography is Flakey - Vincent Berk - ESW #349
You Can’t Defend What You Can’t Define - Sergey Bratus - PSW #816
Sorting Out Glibc Vulns, Apple's Security Research Device, BoringSSL, Old C Vulns - ASW #272
Teens Gone Wild, Nintendo, Anydesk, RUST, Google, Deepfakes, Jason Wood, and more - SWN #360
Starting an OWASP Project (That's Not a List!) - Grant Ongers - ASW #272
Pick Your Battles To Avoid Overconsolidation - Jess Burn, Jeff Pollard - BSW #337
Security Money - The Index Comes Roaring Back - BSW #337
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Acquired