Overview
Explore a comprehensive analysis of PCI DSS compliance failures through real-world case studies in this informative conference talk. Delve into the PCI Security Standards Council overview, understand why companies fail PCI DSS, and examine compliance requirements section by section. Learn about cardholder data segmentation, PCI DSS scoping basics and guidance, and analyze practical case studies on scoping and CHD discovery. Investigate vulnerability management, security testing, and audit logging practices. Examine firewall rules and other common PCI DSS failure points to gain valuable insights into achieving and maintaining true compliance.
Syllabus
Intro
PCI SSC Overview
PCI Security Standards
Why Do Companies Fail PCI DSS?
PCI DSS Compliance by Section
Cardholder Data Segmentation
PCI DSS Scoping Basics
PCI DSS Scoping Guidance
PCI Scoping Case Study #2
Storage of Cardholder Data
CHD Discovery Case Study
Sample Transaction Log
Vulnerability Management
PCI DSS 6.1 / 6.2 Guidance
Security Testing
Vulnerability Scan Case Study
Audit Logging
Firewall Rules
Other Common PCI DSS Failure Points