
IDG Contributor Network: PCI, it's all about the app

Discussion in 'CSO' started by RSS, Sep 10, 2015.


    Editor's note: In the first part of a three-part series, Ben Rothke and David Mundhenk gave an introduction to the need for application security, and firms that have in-scope PCI applications have a lot to do to ensure PCI compliance.

    Application security is a critical part of both good (actually basic) information security practices and PCI compliance. There are several compliance domains relevant to PCI and application security.

    PCI Data Security Standard (PCI DSS) requirement 6 states it in seven simple words: “…develop and maintain secure systems and applications.” Those seven words trickle down in 28 individual requirements. These requirements are for application developers who create applications that process, store or transmit cardholder data (CHD).

