Saltar al contenido principal
Elsevier

PCI DSS 3.1

The Standard That Killed SSL

  • 1 Edición - 14 de septiembre de 2015
  • Última edición
  • Autor: Branden R. Williams
  • Idioma: Inglés

PCI DSS has recently updated its standard to 3.1. While the changes are fairly minor in nature, there are massive implications to companies relying on SSL as a scope reducing tool… Leer más

Descripción

PCI DSS has recently updated its standard to 3.1. While the changes are fairly minor in nature, there are massive implications to companies relying on SSL as a scope reducing tool inside their enterprise. This update book goes through the specific changes to PCI DSS 3.1, and includes new case studies that discuss the specific implications for making the change to 3.1. This concise supplement also includes a detailed explanation of each changed requirement and how it will impact your environment. PCI Compliance, 3.1 Addendum serves as an update to Syngress’ comprehensive reference volume PCI Compliance, Fourth Edition.

Puntos claves

  • Includes all system updates to the new version of PCI DSS 3.1
  • Details and describes each update and enhancement
  • Includes case studies that illustrate when and where these changes will effect and improve your enterprise

De interès para

IT Security Professionals (Security Auditors, Security Engineers, Compliance Specialists, etc.), IT Professionals (Network Administrators, IT Managers, Security Managers, Security Analysts, Directors of Security, etc.)

Índice

  • Foreword
  • Acknowledgments
  • Chapter 1. Introduction
  • Chapter 2. The Death of SSL
    • Requirement 2.2.3
    • Requirement 2.3
    • Requirement 4.1
    • Interpretation Confusion
    • Longer Timelines
    • Summary of SSL Changes
    • Notes
  • Chapter 3. Third Parties
    • Requirement 12.9
    • Call the Ball
  • Chapter 4. Technical Testing
    • Requirement 11.3
    • Requirement 6.6
  • Chapter 5. Other Miscellaneous Changes
    • Requirement 3.2.1–3.2.3
    • Testing Procedure 3.4.E
    • Requirement 4.2
    • Requirement 8.1.4 and 8.2.4
    • Requirement 9.2
    • Testing Procedure 9.9.1.B
    • Requirement 10.6.1
    • Requirement 11.5
    • Requirement 12.2
    • Summary
    • Note
  • Chapter 6. Final Thoughts

Detalles del producto

  • Edición: 1
  • Última edición
  • Publicado: 14 de septiembre de 2015
  • Idioma: Inglés

Sobre el autor

BW

Branden R. Williams

Branden R. Williams (CISSP, CISM, CPISA, CPISM) leads an information security practice in a Global Security Consulting group at a major security firm in Flower Mound, TX and teaches in the NSA Certified Information Assurance program at the University of Dallas's Graduate School of Management. Branden has been involved in information technology since 1994, and focused on information security since 1996. He started consulting on payment security in 2004, assessing companies against the Visa CISP and Mastercard SDP programs. He has a Bachelors of Business Administration in Marketing from the University of Texas, Arlington, and a Masters of Business Administration in Supply Chain Management and Market Logistics from the University of Dallas.

Branden publishes a monthly column in the ISSA Journal entitled "Herding Cats," and authors a blog at http://www.brandenwilliams.com/.

Afiliaciones y experiencia
CISSP, CISM, CPISA, CPISM, and CTO of a Global Security Consulting group at a major security firm in Flower Mound, TX

Ver libro en ScienceDirect

Lee PCI DSS 3.1 en ScienceDirect