Overview
Explore best practices for developing secure applications compliant with the Payment Card Industry Data Security Standard (PCI DSS) in this conference talk from AppSecEU 2014. Learn about the applicability of PCI DSS, key security practices mandated by version 3 of the standard, and how to implement them effectively. Gain insights into secure software development lifecycle practices, handling cardholder data in memory, environment separation, change control mechanisms, secure coding techniques, and protecting web applications against known attacks. Understand how industry standards like OWASP can be used as evidence for meeting PCI DSS requirements. Benefit from the speaker's expertise as a Qualified Security Assessor (QSA) to ensure your applications meet compliance requirements and protect cardholder data effectively.
Syllabus
Geraint Williams - PCIDSS and Secure Applications
Taught by
OWASP Foundation