Sumeet Singh » pci http://sumeetsingh.net Wed, 18 Feb 2009 15:12:35 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 PCI DSS 6.6 Supplement http://sumeetsingh.net/2008/04/23/pci-dss-66-supplement/ http://sumeetsingh.net/2008/04/23/pci-dss-66-supplement/#comments Tue, 22 Apr 2008 18:58:09 +0000 sumeet http://sumeetsingh.net/2008/04/23/pci-dss-66-supplement/ PCI SSC finally released “Information Supplement: Payment Card Industry Data Security Standard (PCI DSS) Requirement 6.6 Code Reviews and Application Firewalls” that would clean some air on how much application security is really required for PCI DSS compliance. I have often had long discussions on the intent of 6.6 requirement, and to me it always was clear that Section 6.6 wanted application owners to be cautious against web based attacks than just web-application security testing.

The supplement is a must read and can be downloaded from here

]]> http://sumeetsingh.net/2008/04/23/pci-dss-66-supplement/feed/ 0