Many organizations have multiple IAM schemes that they forget about when it comes to a robust compliance framework such as PCI DSS. There are, at minimum, two schemes that need to be reviewed, but consider if you have more from this potential, and probably incomplete, list: Bottom line, in whatever fashion someone or something validates their authorization to use the device, service, or application, that authorization must be mapped to the role and privileges afforded to that actor.

The Advancement in technology and online payment transaction has offered an immense amount of convenience to both consumers and businesses. The ease and widespread acceptance of online payment including the credit/debit card transaction has streamlined business processes and payment transactions greatly.

PCI 4.0 — the PCI Standards Security Council’s first update since 2018 to the PCI Data Security Standards (PCI DSS) — is a major iteration that shifts away from the traditional point-in-time assessment. Do you remember how an auditor would annually determine the PCI compliance status of a merchant’s or service provider’s system on a specific day in a specific month and assume — somehow — that the snapshot characterized their status all year?

The New Year brings with it so much to look forward to and we are happy to bring even more to be excited about: a new release for the Splunk App for PCI Compliance. Starting January 11th, version 5.1 will be Generally Available. In this blog, let's review the main benefits of the Splunk App for PCI Compliance and highlight the improvements that version 5.1 brings.

In today’s fast-moving and competitive marketplace, you can barely find any businesses and merchants that still haven’t adopted the use of credit cards for their services. More than a third of American cardholders use credit cards for their transactions on a monthly basis. With the rising prevalence of identity theft, over 1.1 billion personal records were exposed by data breaches and credit card fraud alone.

Becoming and staying PCI compliant both take a lot of work. Developers are often already swamped with an endless list of tasks, and adding PCI compliance can be overwhelming. Security awareness is one thing, but a set of requirements is entirely different. It means you have less freedom in how you wish to implement security in your application, and you must understand the requirements demanded by your organization.

File Integrity Monitoring, aka as FIM, is a must-have feature for anyone in charge of security. With FIM, one can detect when a critical file, such as a file that belongs to the Operating System, or a key configuration file, is changed. In most cases, configuring FIM is straightforward: If the file changes then generate an alert.

2022 is the year that much of the world managed, to varying degrees of success, to get back to normal. People ramped up traveling, returned to in-person activities and many returned to the office. The pandemic changed most aspects of day-to-day life, but hackers and other bad actors generally continued making life difficult for businesses, governments, and non-profit entities.