WebApp Sec mailing list archives
Re: MasterCard backs off Security, Leave Cardholders at Risk
From: fscwi () hotmail com
Date: 7 Jun 2006 13:58:22 -0000
This only applies to the requirements for PCI vulnerability scanning. All applications involved with processing credit card transactions must still undergo a full scale in depth web application test as defined in the PCI Security Audit Standard. The difference is the web application security test standard states it must be done on an annual basis, and can be done by either an outside vendor or using internal staff. Vulnerability scanning on the other hand must done on a quarterly basis (for most merchants) by an outside service provider that has been evaluated and approved by MasterCard. ------------------------------------------------------------------------- Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. Change the way you think about application security testing - See for yourself. Download a Free Trial of AppScan 6.0 today! https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF --------------------------------------------------------------------------
Current thread:
- MasterCard backs off Security, Leave Cardholders at Risk auto471292 (Jun 07)
- <Possible follow-ups>
- Re: MasterCard backs off Security, Leave Cardholders at Risk fscwi (Jun 07)
- RE: MasterCard backs off Security, Leave Cardholders at Risk Evans, Arian (Jun 08)
- RE: MasterCard backs off Security, Leave Cardholders at Risk Craig Wright (Jun 08)
- RE: MasterCard backs off Security, Leave Cardholders at Risk Evans, Arian (Jun 08)
- RE: MasterCard backs off Security, Leave Cardholders at Risk Craig Wright (Jun 08)
- RE: MasterCard backs off Security, Leave Cardholders at Risk David P. Durko (Jun 09)
- RE: MasterCard backs off Security, Leave Cardholders at Risk Craig Wright (Jun 09)
- Re: RE: MasterCard backs off Security, Leave Cardholders at Risk erez (Jun 15)