Description: Synopsis: Hacking PCI Requirement 6.6: Why Your Web Applications are Still Not Secure
What is PCI Requirement 6.6? What is the PCI DSS?
• What is the intent of PCI Requirement 6.6?
• How can a company comply with PCI Requirement 6.6?
o Web Application Assessments
o Web Application Firewall
Debate Regarding PCI DSS Requirement 6.6
• How Web Application Firewalls can Fail
o Examples of vulnerabilities many web application firewalls do not block (Demos)
• How Web Application Assessments can Fail
o Examples of vulnerabilities web application scanners miss (Demos)
Conclusion
• PCI can in many cases be thought of as the bare minimum for a security control framework; however, it can be thought of as a good starting point for organizations that have nothing.
• What are the best solutions for organizations that will help them go above compliance and be secure?
Tags: securitytube, hacking, hackers, information security, convention, computer security, grrcon-2012
Original Source: https://www.youtube.com/watch?v=JCIdvvVhQCY