PCI Requirement 11.3 – Implement a Methodology for Penetration Testing
What is Penetration Testing? They key component of PCI Requirement 11.3 is penetration testing. Who can perform the testing? What’s involved? When should…
What is Penetration Testing? They key component of PCI Requirement 11.3 is penetration testing. Who can perform the testing? What’s involved? When should…
Significant Changes in Your Cardholder Data Environment PCI Requirement 11.2.3 requires that any time that you have made a significant change in your…
What is an ASV? To comply with PCI Requirement 11.2.2, you must use a PCI SSC Approved Scanning Vendor (ASV). An ASV is…
Vulnerabilities and Your Risk Ranking System PCI Requirement 11.2.1 states, “Perform quarterly internal vulnerability scans. Address vulnerabilities and perform rescans to verify all…
Running Network Vulnerability Scans PCI Requirement 11.2 requires that organizations run internal and external network vulnerability scans at least quarterly and also after…