Compliance Software » software

PA-DSS ‘Guidance’ for Mobile Apps Likely to Come This Year, PCI Council Says

compliancesoftware — Wed, 26 Jan 2011 18:24:24 +0000

Top officials with the Wakefield, Mass.-based organization tell Digital Transactions News the Council is working on what it calls a “technology evaluation” to craft new validation procedures that more clearly suit the software used by mobile merchants via .

Report claims 80% of web apps will fail a PCI DSS audit

compliancesoftware — Wed, 29 Sep 2010 00:40:57 +0000

Research released today makes the damning assertion that, with more than half of all software failing to meet acceptable security levels, 80% of all web applications are at risk of failing a PCI audit. via Infosecurity (UK) – Report claims …

Privacy software: Who are the early leaders? – software, security, privacy, ControlCase, Consult2Comply, brinQa, Avior Computing, Archer, applications, Agiliance – Security & Email – PC World Business

compliancesoftware — Thu, 26 Aug 2010 18:54:19 +0000

Together they form what I’d call the “privacy GRC” market, where GRC stands for “governance, risk and compliance.” GRC makes up most of what privacy people do. It’s not a big market. To put things into perspective, Gartner is only …

Windows DLL load hijacking exploits go wild

compliancesoftware — Thu, 26 Aug 2010 02:24:21 +0000

Less than 24 hours after Microsoft said it couldn’t patch Windows to fix a systemic problem, attack code appeared Tuesday to exploit the company’s software. Also on Tuesday, a security firm that’s been researching the issue for the last nine …

Do You Have What It Takes To Pass Your Payment Card Industry Audit? #PCI

compliancesoftware — Thu, 17 Jun 2010 14:41:22 +0000

With every company reliant on software to run its business, an alarming rise in data breach incidents across industries, but especially credit card processing, means application security is becoming an increasingly critical part of any organisation’s overall IT security strategy. …

Lawsuit Brewing Against Popular POS Software Provider and Reseller

compliancesoftware — Thu, 03 Jun 2010 02:04:08 +0000

With evidence mounting of flagrant abuses of PCI-DSS security standards, two attorneys are on the verge of announcing the official filing of a national lawsuit against one of the hospitality industry’s biggest point-of-sale (POS) technology providers and one of its …

OWASP Top10 2010 Released

compliancesoftware — Thu, 22 Apr 2010 00:12:06 +0000

Today, OWASP has released an updated report capturing the top ten risks associated with the use of web applications in an enterprise. This colorful 22 page report is packed with examples and details that explain these risks to software developers, …

CloudAudit targets automated risk assessment, management

compliancesoftware — Wed, 07 Apr 2010 03:10:32 +0000

CloudAudit, launched in January 2010, brings together cloud computing providers, integrators and consultants in an effort to create a common interface and namespace. The volunteer initiative aims to help with an automated risk assessment and audit of Software-as-a-Service (SaaS), Platform-as-a-Service …

Internal data breaches a rarity

compliancesoftware — Mon, 01 Feb 2010 15:17:20 +0000

In 85 percent of the cases, 7Safe found that the compromised information was payment and card data, and the main attack route was through the sort of unsophisticated SQL injection attacks databases are supposed to be able to resist. Shared …

NIST Updates Automated Computer Security Validation Guidelines

compliancesoftware — Wed, 16 Dec 2009 14:20:03 +0000

The National Institute of Standards and Technology (NIST) has issued a draft publication for public comment that describes changes to the Security Content Automation Protocol (SCAP). SCAP is a suite of specifications that use the eXtensible Markup Language (XML) to …