by Randy Bartels / October 13th, 2017
Documentation Requirements PCI Requirement 6 pairs with PCI Requirement 5 to satisfy vulnerability management program expectations. PCI Requirement 6 states, “Develop and maintain secure…
by Randy Bartels / October 13th, 2017
Address New Threats and Vulnerabilities for Web Applications PCI Requirement 6.6 states, “For public-facing web applications, address new threats and vulnerabilities on an ongoing…
by Randy Bartels / October 13th, 2017
What is Cross-Site Request Forgery? PCI Requirement 6.5.9 states that your organization’s applications are protected from cross-site request forgery (CSRF). PCI Requirement 6.5.9 applies…
by Randy Bartels / October 13th, 2017
What is Improper Access Control? PCI Requirement 6.5.8 states that your organization’s applications are protected from improper access control, such as insecure direct object…
by Randy Bartels / October 13th, 2017
What is Cross-Site Scripting? Cross-site scripting (XSS) is another type of common coding vulnerability associated with application development. PCI Requirement 6.5.7 requires that you…
