Posts Categorized: Penetration Testing Certificate
The ASV Program Guide describes the various responsibilities for all parties involved in the PCI ASV Scanning process. There are a number of parties, but here we’re just concentrating on two. They are the scan customer (you) and the Approved Scanning Vendor (Ambersail). The following text is taken from the official ASV program guide, which… Read more »
Do you operate public-facing web applications in your card data environment? Here’s a pointer to a great source of information from the Open Web Application Security Project (OWASP) on the subject of virtual patching. What is virtual patching? Within the context of web vulnerabilities, this refers to the practice of applying a defensive layer to intercept… Read more »
Apple has (somewhat quietly) published a guide to iOS security. If you’re building apps on the iOS platform then this document will certainly be of interest to you. For example there are details of the platform’s data protection and encryption mechanisms. Download the PDF from here.