In our many advisories over the years with companies going through PCI, some of the challenges we face include this little thing called compensating controls. It’s a PCI term in many sense. Same as ‘segmentation penetration testing’. It’s when you … Continue reading
Of late we have been receiving numerous calls from software developers requesting us how on earth do they become PCI-DSS certified. It’s never easy to explain over the phone, especially with misconceptions that PCI-DSS is a license, or a software, … Continue reading
We just received very good updates from the Alienvault channel team (or AT&T Cybersecurity team as they call themselves now). I think to quickly summarise our excitement into two short phrases: a) Google Cloud Support – Heck Yeah. b) Custom … Continue reading
We’ve been working with and on Alienvault since the beginning of 2016 and a lot has changed since then. When we started out with Alienvault, they were a small-ish company still, with big ambitions, working with a very technical group … Continue reading
In our previous article we wrote on how Bitlocker can possibly be used as a full disk encryption solution for PCI-DSS. One of the key things is for the following statement to be complied to: If disk encryption is used … Continue reading