English | Français
Main
Ethical Hacking
Penetration TestingWhat a Penetration Test is Methodologies and Standards Results Analysis
Case StudiesCase Study For ManagementCase Study For IT Experts
Security Auditing
Security EvaluationSecurity AuditSource Code Review
Case StudiesCase Study For ManagementCase Study For IT Experts
Risk Management
PreventionSecurity Training Secure Programming
Reaction Incident Recovery Incident Forensics
Company
GeneralCareersOverviewManagement TeamCorporate Presentation
PartnersOur Partners
Contacts
Sales & MarketingLocationsHave Us Contact You
SupportCustomer Login

PCI DSS

PCI DSS (Payment Card Industry Data Security Standard) is a worldwide information security standard assembled by the Payment Card Industry Security Standards Council (PCI SSC).

The standard was created to help organizations that process credit card payments prevent credit card fraud through increased controls around data and its exposure to compromise.

The latest version of PCI DSS 1.2.1 released in July 2009 consists of 12 requirements and security assessment procedures:

  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
  3. Protect stored cardholder data
  4. Encrypt transmission of cardholder data across open, public networks
  5. Use and regularly update anti-virus software or programs
  6. Develop and maintain secure systems and applications
  7. Restrict access to cardholder data by business need to know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security for employees and contractors

More information on PCI DSS can be found on the PCI Security Standards Council.
Security Glossary

PCI DSS
Penetration Test
High-Tech Bridge Corporate Presentation

Recent US-CERT Alerts:

Microsoft Updates for Multiple Vulnerabilities Microsoft Updates for Multiple Vulnerabilities Microsoft Internet Explorer Vulnerabilities Adobe Reader and Acrobat Vulnerabilities

Recent Vulnerabilities:

Microsoft Internet Explorer 'iepeers.dll' Remote Code Execution Vulnerability Microsoft Excel FNGROUPNAME Record Remote Code Execution Vulnerability Squid Web Proxy Cache HTCP Request Processing Remote Denial of Service Vulnerability Linux Kernel KVM Multiple Privilege Escalation and Denial of Service Vulnerabilities
Ethical Hacking ISO 27001 CISO/CSO OWASP OSSTMM CERT MELANI CEH IMPACT PCI DSS Security Policy COBIT
2007-2010 © High-Tech Bridge SA, Switzerland
Contacts Legal Disclaimer Privacy Policy
World Trade Center, CP 390
29, Route de Pre-Bois
CH-1215 Geneva 15, Switzerland
Tel: +41 (0) 22 723 24 24
Fax: +41 (0) 22 788 35 71
Print VersionPrint Version