Home >
> PCI Compliance |
 |
|
|
|
|
 |
|
Results 1 - 25 of 73 matches |
Sort Results By : Published Date | Title | Company name |
|
|
Achieving PCI Compliance with Log Management |
| By : SenSage |
Published Date: Jun 30, 2008 |
|
PCI DSS states that logging mechanisms to track user activities are critical. Learn how log management can help companies track, monitor and transform log data into actionable information. Identify security threats, monitor controls, conduct investigations, satisfy auditors, answer legal requests and manage security.
Download Now
|
 |
|
|
|
A User-Centric Security Approach for the Dynamic Enterprise |
|
|
Security solutions must be tied to both high-level corporate goals and to everyday end-user realities as a result of the potential for increased risk to enterprise assets. One recent and promising approach to reducing the risk associated with fast-evolving end-user realities is to reinforce security closer to enterprise end users. In practice, that means reinforcing security at the points where end users connect to the corporate network and reinforcing security for mobile users’ communications.
Download Now
|
 |
|
|
|
Automating Code Reviews: How to Manage Application Risk on a Shrinking Budget |
| By : Veracode |
Published Date: Oct 16, 2008 |
|
In a tightening economy many organizations are faced with a “do more with less” mandate on their budgets and their security strategies. On-demand application security testing offered as an outsourced service – based on binary analysis and multiple scanning technologies – is a major step toward reducing risk in applications developed, in house, as well as applications purchased from third party vendors. Learn how moving to a SaaS (Software as a Service) model for application security can automate your code reviews and reduce your risk, without taxing your budget.
Download Now
|
 |
|
|
|
Complying with the Payment Card Industry's Data Security Standard |
|
|
The Payment Card Industry Data Security Standard (PCI DSS) was drawn up in order to reduce leakage and inappropriate use of credit card information. It contains over 100 clear information security requirements for all companies who process, store or transfer data about cardholders: banks, processing centers, service providers, retail stores, e-commerce businesses, etc.
Download Now
|
 |
|
|
|
Data Leakage Landscape: Where Data Leaks and How Next Generation Tools Apply |
|
|
Like the steady drip from a leaking faucet, everyday data leaks are making headlines more often than the nefarious attack scenarios around which organizations plan most, if not all, of their data leakage prevention methods. In this paper, we map these leakage points with regulations and best practices. Protection mechanisms can be simplified by breaking them into five major categories: classic malware protections to prevent system infections, enforceable access controls, encryption, filtering for data sensitive data types being sent out of the organization, and education.
Download Now
|
 |
|
|
|
|
|
Ensure Customer Confidence: PCI Guide for Merchants and Service Providers |
| By : Veracode |
Published Date: Oct 17, 2008 |
|
The PCI Data Security Standard (PCI DSS) delineates requirements that vendors must meet in order to conduct business transactions using payment cards. New PCI requirements that specifically focus on application security became mandatory in June 2008. With their own brands at risk, merchants and service providers must secure their applications from potential vulnerabilities to comply with PCI standards. This whitepaper helps Merchants and Service Providers understand and meet PCI DSS requirements.
Download Now
|
|
|
|
|
Fact of Fiction: Debunking the Top 5 Misconceptions about Data Protection |
|
|
One of the latest trends in IT security has been the shift in focus toward data-centric protection. Data is the most valuable asset an IT department must protect, and technology has evolved to meet this requirement. Encryption technology and data leakage protection solutions, which tend to rely heavily on content filtering technology, have helped shore up many organizations’ data stores, but the problem is that as companies adjust their data protection strategies they have fallen prey to a number of misconceptions about data protection.
Download Now
|
 |
|
|
|
Five Steps to Secure Outsourced Application Development |
| By : Veracode |
Published Date: Jul 10, 2008 |
|
Application security has risen to the top of the agenda for security professionals striving to control their overall risk profile. According to US Computer Emergency Response Team (US-CERT) and Gartner, 75% of new attacks target the application layer and software vulnerabilities have reached an all time high – with more than 7,000 new vulnerabilities discovered over the last year.
Learn how independent verification and validation of offshore software, delivered through an on-demand service, can automate security acceptance testing and secure your enterprise.
Download Now
|
|
|
|
|
Keep Your Customer Data Safe: A Guide to Securing Web Applications |
| By : Veracode |
Published Date: Oct 17, 2008 |
|
With over 75% of new attacks targeted directly at the application layer and many high profile web attacks covered by the media, web application security has become top of mind for IT security managers. While the need for web security and web services security is certainly understood, the methods and approaches for web application security testing can seem daunting.
In this whitepaper learn how to secure web applications using web application security testing and understand the different approaches that leading organizations take to address website security.
Download Now
|
|
|
|
|
OCC Bulletin 2008-16: A Blueprint for Compliance |
| By : Veracode |
Published Date: Oct 17, 2008 |
|
The recent issuance of the OCC Bulletin 2008-16 alerted financial institutions to the risks posed by insecure. Historically, banks have lacked an effective and cost-efficient manner to analyze the security of software. Security testing has been limited to manual analysis by consultants, using internal teams with source code tools or trusting software vendors to test their own code. None of these approaches scale to cover entire application portfolios, and can add significant time and costs to projects. This whitepaper outlines how these limitations can be overcome by following five best practices that institutions can use to secure their applications.
Download Now
|
|
|
|
|
Patch Management 2.0: Evolving Your Patch Management Technology to Combat Security Challenges |
|
|
The realities of security and compliance have changed considerably since patch management faced its first big paradigm shift some years ago. At that time many organizations wrestled with the transition from manual patching and remediation to an automated process. Of course, nothing in security is ever static, so it is no surprise that patch management has continued to evolve since then. Though still automated, today’s best patch management tools and techniques are significantly different from their predecessors.
Download Now
|
|
|
|
|
Regulations and Standards: Where Encryption Applies |
|
|
There are a significant number of worldwide regulations that relate to protection of private and sensitive data. Some are focused on protection of specific industry information, where others are more concerned with disclosure of data loss incidents and privacy attributes. Most of today's standards and compliance regulations are concerned with the protection of private data at rest, during transactions, and while it traverses network connections.
Download Now
|
|
|
|
|
|
|
Best Practices for Audit and Compliance Reporting for IBM AS/400 (System i) |
|
|
Compliance with regulations such as Sarbanes-Oxley, PCI, HIPAA and GLBA requires regular audit reporting against critical information technology (IT) assets. This whitepaper outlines the key items that need to be reviewed on AS/400 (System i) for both configuration data and transactional log information from the audit journal. The white paper also provides guidance on integrating the AS/400 with Security Information Management (SIM) solutions.
Download Now
|
 |
|
|
|
|
|
Facilitating PCI DSS Compliance |
|
|
The Payment Card Industry Data Security Standard is a detailed series of 130+ requirements that anyone who stores or transfers credit card data has to comply with. However due to the protection it offers, the PCI DSS is fast becoming a security standard for all sensitive data that needs to be protected. The goal of the standard is to ensure security of data in transit and at rest while ensuring compliance is maintained.
Download Now
|
 |
|
|
|
|
|
|
|
|
|
|
|
How Lack of Password Management Solutions Frustrates Users and Increases Administration Headaches |
| By : CA |
Published Date: Mar 26, 2008 |
|
Finding the right password for the right IT environment can be time-consuming, confusing, and a drag on a user’s workplace productivity no matter if they’re an employee, or an external partner, contractor, or customer. Recreating passwords when they expire is an even greater challenge. But worst of all is the combination of issues associated with finding and regularly recreating passwords on a multitude of applications all across the corporate network.
Download Now
|
 |
|
|
|
Securing Data at Rest: An Enterprise Strategy for Data Encryption |
| By : HP |
Published Date: Oct 26, 2007 |
|
The data residing on your storage systems and media, data-at-rest, presents serious security concerns. Regulations and various mandates around the world are putting the burden on companies and government entities to protect the private information they store. Increasingly, companies are being required to publicly disclose breaches that put individuals private data at risk, be it a customer, employee, shareholder, partner, or other stakeholder.
Download Now
|
 |
|
|
|
|
|
|
| |
|
|
|
Results 1 - 25 of 73 matches |
Sort Results By : Published Date | Title | Company name |
|
|
<< Start < Previous 1 2 3 Next > End >>
|
More Security Topics |
Access Control, Anti Spam, Anti Spyware, Anti Virus, Application Security, Auditing, Authentication, Biometrics, Business Continuity, Compliance, DDoS, Disaster Recovery, Email Security, Encryption, Firewalls, Hacker Detection, High Availability, Identity Management, Internet Security, Intrusion Detection, Intrusion Prevention, IPSec, Network Security Appliance, Password Management, Patch Management, Phishing, PKI, Policy Based Management, Security Management, Security Policies, Single Sign On, SSL, Secure Instant Messaging, Web Service Security, PCI Compliance |
|
 |
|
RSS
