PCI 4.0 for Pen Testers

  • min read
  • By EC-Council University
PCI DSS v4.0 Compliance for Pen Testers_ECCU

Date: Sept 16, 2022
Time: 6.30 am PDT/2.30 p.m. BST/7:00 p.m. IST.
Topic: PCI 4.0 for Pen Testers

Watch Now

Abstract:
The Payment Card Industry Data Security Standard (PCI DSS) was introduced in 2004 to minimize the risk of financial fraud and improve security in credit card transactions. In an age where cyberattacks have become an everyday reality, PCI DSS compliance helps businesses avoid data breaches and build customer loyalty and trust.

Since the introduction of the PCI DSS requirement for penetration testing and vulnerability scans, a variety of pen testing and reporting structures have been proposed. However, the PCI Security Standards Council has not provided comprehensive guidance on how clients should meet pen testing requirements, and small changes in the standard can have rippling effects on the scope and breadth of tests. This webinar provides an overview of the PCI DSS requirements and definitions that affect pen testing, including how pen testers can create a properly formatted report.

 

Key takeaways:

  • Individual PCI DSS requirements that affect penetration tests, including Requirement 12.10.7
  • The scope of internal and external pen testing and specific PCI DSS resources to justify this interpretation (Requirement 12.5.2)
  • A review of success criteria
  • Segmentation pen testing and Requirement 11.3.4 compliance
  • How to review the contents of the final and post-remediation reports

 

Speaker:

joseph pieriniJoseph Pierini

Bio: Joseph Pierini is a product evangelist at PlexTrac who is experienced in developing and executing pen testing programs supporting the PCI DSS, among other privacy laws and regulations. Joseph was the lead writer of The PCI DSS Information Supplement: Penetration Testing Guidance, published in March 2015. He is also a published researcher who has discovered and obtained CVEs for vulnerabilities in applications including Apache Tomcat, Caucho’s Resin Application Server, various search engines, web application firewalls, and multiple e-commerce shopping carts.

 

*Examples, analysis, views and opinion shared by the speakers are personal and not endorsed by EC-Council or their respective employer(s)


Share this post

Facebook X-twitter Linkedin Pinterest Whatsapp

Recent Posts

INQUIRE NOW

Related Posts

Why CEH and CND Certifications Are Essential for Cybersecurity Careers

Why Industry Certifications Like CEH and CND are Essential for Computer Science Graduates

In today’s fast-paced digital world, computer science graduates face an ever-evolving landscape of opportunities and challenges. The swift expansion of technology has resulted in the

....
The Future of Cybersecurity - Why Now Is the Best Time to Pursue a Online Degree in This Field

The Future of Cybersecurity in 2024: Why Now Is the Best Time to Pursue an Online Degree in This Field

The pressing need for skilled cybersecurity professionals is more evident than ever in our increasingly interconnected world. With cyber threats evolving in complexity and frequency, businesses, governments, and individuals are at constant risk.....
01 The Rise of Threat Intelligence - A Guide to Careers and Jobs

The Rise of Threat Intelligence – A Guide to Careers and Jobs

Cyberattacks are growing in sophistication and frequency, making threat intelligence a cornerstone of modern cybersecurity. Organizations are on the front lines of this battle, and

....
Ethical Hacking and Bug Bounty Programs How They Improve Cybersecurity

Ethical Hacking and Bug Bounty Programs: How They Improve Cybersecurity

In the digital age, cybersecurity is a critical concern for individuals and organizations. With the rapid evolution of technology and the escalating sophistication of cyber

....
How to Prevent Ransomware as a Service (RaaS) Attacks

The Rise of Ransomware-as-a-Service (RaaS): How to Stay Ahead of Evolving Threats

In recent years, the cybersecurity landscape has been dramatically reshaped by the emergence of Ransomware-as-a-Service (RaaS). This new model has made sophisticated ransomware attacks available

....
Online Graduate Certificate Program in Information Security

How an Online Graduate Certificate Program in Information Security Can Give You a Distinct Career Edge

Have you ever wanted to make a real impact in a field that protects the very fabric of our digital world? If you’re looking to

....

Are you looking to pursue a career in cybersecurity?

Unlock Your Cyber Security Potential at EC-Council University

Talk to Our Counselors Now!
Apply Now
Footer Logo

Quick Menu

Academics

Scholarships