• What can we fix from our PCI scan?

    I'm pretty new to PCI and my organization just got the Trustkeeper PCI Scan and we got several results including: DB Accessibility; SSLv2 Supported; Ton of OpenSSL related vulnerabilities; Apache Tomcat vulnerabilities; BIND related vulnerabilities. What vulnerabilities should be fixed by my company?...

    ITKE439,630 pointsBadges:
  • PCI compliance issue with SQL injection

    We're working on a client's PCI compliance. Here's one of the failing issues: 3.1.4. Blind SQL Injection (httpgenericscriptblindsqlinjection) We found out that the issue might be with the OWA. Does anyone know how to fix this issue?

    ITKE439,630 pointsBadges:
  • How to get my Ubuntu system PCI DSS compliant

    I'm trying to get PCI compliant and a scanning company flagged our Ubuntu system for not being compliant. What should we do here? It has to do with our open_basedir, which they don't support. Thank you for your help.

    ITKE439,630 pointsBadges:
  • Failed PCI compliance check on IIS

    Our website just failed a PCI Compliance check. Our report said the site supported weak ciphers. But we thought we disabled that by turning off the SSL on our web servers. What else do we need to check? Should we look at the load balancer? Thank you very much!

    ITKE439,630 pointsBadges:
  • Is there a way to isolate PCI compliance?

    Our company is currently in the process (but not storing) of credit card data. We also authorize the cards through a developed app using the authorize.net API. Now, if it's possible, we would like to limit the requirements of PCI that would affect our servers to an isolated separate environment. Is...

    ITKE439,630 pointsBadges:
  • What’s the cost of PCI compliance for a PHP script?

    I'm developing a single PHP script (it's for a new piece of software) which will collect cardholder information and store it in a MySQL database. Obviously, we're taking our security very seriously but we need some help. What scans do we need to find? After, what's the cost of PCI compliance for...

    ITKE439,630 pointsBadges:
  • PCI compliance rules for storing credit card numbers

    I apologize for the 'newbie' question but does anyone know what the PCI rules to follow are for storing credit card numbers in a database? Can anyone point me in the right direction?

    ITKE439,630 pointsBadges:
  • Storing billing data in a MySQL database: A PCI compliance violation?

    For the past several months, I've been developing a shopping cart and I need to store Name, Billing, Address and Zip Code into a MySQL database. I'm doing this because a returning customer wouldn't have to re-enter billing information. Also, I'm not storing any credit data. Just to ask, am I in...

    ITKE439,630 pointsBadges:
  • Does anyone know if Apache Tomcat is PCI compliant?

    Would anyone happen to know if Apache Tomcat is PCI compliant? I'm worried if there are any vulnerabilities where credit card PANs are stored. Thank you!

    ITKE439,630 pointsBadges:
  • Vendor audit program for quality and compliance

    Does Ariba have a vendor audit program which addresses quality and compliance?

    Cschra5 pointsBadges:
  • Businesses under OSHA umbrella

    Which businesses do not fall under OSHA umbrella?

    Jenkinss5 pointsBadges:
  • Vendors that are currently FedRAMP certified

    Is there a list of vendors that are currently FedRAMP certified? My Government agency is looking to move to a Security Web Solution for our Electronic Loan Application and I'm working on some market research on possible vendors for IDP and TFA.

    tlserafi5 pointsBadges:
  • Compliance in foreign exchange/banking service

    What is meant by compliance in a foreign exchange/banking service?

    suresh39685 pointsBadges:
  • Regulations that apply to ILECs

    I am researching whether my county can create its own ILEC (Independent Local Exchange Carrier). I am clear on the state laws that apply, but am curious as to what federal regulations apply to ILEC and what steps would need to be taken on the federal level. I know the FCC regulates ILECs, but that...

    wwelsh5 pointsBadges:
  • In which module of a SAP ERP/PLM system should compliance checks be organized?

    When an original equipment manufacturer designs and produces materials he has to comply with relevant national and international standards. The problem is how to link the material master to the different parts of these standards in order to keep track of where one is in compliance and where changes...

    115321gunn5 pointsBadges:
  • 508 Compliance

    Is Siebel considered to be 508 Compliant?

    sweiler0015 pointsBadges:
  • Single sign-on for ISO 27001 compliance

    Is Single sign-on required for ISO 27001 compliance?

    JonPawsey5 pointsBadges:
  • PCI Compliance Scope

    Hello all, I'm wondering if anyone has been through a PCI compliance assessment and could share some insight and information with me. I have a specific question, but I also welcome anyone's thoughts about how the assessment went, was it harder or easier to pass than they expected, etc? My specific...

    jwcalifo5 pointsBadges:
  • Procedures for a new area

    We are a company where we have experience in network remote administration and now we have opened a new area, the area of security. Now I need to start to make new procedures, like when a new customer comes to us and asks if we can handle the security for his network. I need to know if someone can...

    Millan0 pointsBadges:
  • Unified Communications product qualification flow

    I want to know how to build a set of UC products, like the Plantronics UC wireless headset system Voyager Pro UC. Maybe the product adapts to Microsoft® Office Communicator 2007. My question is: How to qualify this product? Must it get some UC qualifications? Is there some UC compliance? What's the...

    Springsummer5 pointsBadges:
