#pcidss — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #pcidss, aggregated by home.social.
-
💳 PCI DSS compliance ≠ real security.
Scans alone won’t stop attackers. ▶️ https://7asecurity.com/blog/2026/05/pci-dss-vulnerability-management/
-
@xeraa The problem is also Graylog. We are stuck on Graylog 6.0.14 because that is the last version that works with ELK 7.10. Graylog 6.1 then requires a very laborious ELK / OpenSearch migration, and that brings problems with it. My colleague could say more about the details .. but it was something non-trivial.
It was decided to reduce the retention period to 3 months, since our syslog (rsyslog) stores the whole year to keep the #pcidss #auditor happy.
In parallel, we are looking at running #victorialogs alongside it, since it only takes up a fraction of the capacity.
-
Passwords are where PCI DSS compliance often breaks down https://www.helpnetsecurity.com/2026/01/08/passwords-pci-dds-compliance/ #passwordmanager #compliance #Don'tmiss #Hotstuff #Passwork #PCIDSS #News
-
GRC rarely feels like “governance, risk, and compliance” and more like alphabet soup with lawyers attached.
I wrote up how I approach GRC as an Associate CCISO: one risk-based program mapped to HIPAA, PCI DSS, NIST CSF, FTC Safeguards, and NIS2 instead of five separate nightmares.
#GRC #CyberSecurity #InfoSec #Compliance #HIPAA #PCIDSS #NISTCSF #NIS2
-
Chase account tells me that #Animoto is storing my payment card information despite me closing the account. I reached out to them, and they confirmed my account has been closed. That is NOT why I contacted them. I contacted them because my card company believes they are still holding onto my payment information. I do not know how they know that, but apparently they do, and it shows on the security page at Chase. Chase says they cannot remove it and I must contact the merchant.
-
Things are moving forward at the company too: for #pcidss (4.x!!!!) the unpleasant questions are done for us. Now it's just bundling up the packages and uploading everything, plus the fixed incidents (Icinga checks for the ClamAV process), and then waiting. The developers have a bit more to do.
And I have the new #logsystem almost completely done. #fluentbit will replace #nxlog. #victorialogs will run in parallel with #Graylog for a while, and vmlog's lack of auth capability is compensated for by means of #Nginx and #oauthproxy. There is also a nice ticket: feature request for fluentbit: parameter for #yaml or classic. Then you can roll out the fluent config via Graylog 😍
-
The compliance illusion: Why your company might be at risk despite passing audits https://www.helpnetsecurity.com/2025/02/26/compliance-security-illustion/ #cybersecurity #compliance #regulation #Don'tmiss #Hotstuff #auditing #ISO27001 #strategy #Fortra #PCIDSS #howto #News #CISO #NIST #tips #CXO
-
🔐 Simplify PCI DSS compliance with RELIANOID!
Our load balancer offers SSL offloading, WAF, and real-time monitoring to keep your payment data secure and streamline compliance.
Stay secure. Stay compliant. 💳⚙️
#PCIDSS #Compliance #RELIANOID #Cybersecurity #PaymentSecurity
https://www.relianoid.com/blog/ensuring-payment-card-industry-data-security-compliance/
-
Complying with PCI DSS requirements by 2025 https://www.helpnetsecurity.com/2024/09/02/pci-dss-requirements/ #Expertanalysis #cybersecurity #Expertcorner #Integrity360 #compliance #Don'tmiss #Hotstuff #opinion #PCIDSS #News
-
@bernie I can't speak to your local regulations, but there are certain types of audits and reports (e.g. #SOC attestations) that have to be done by a #CPA. Other types of audits may also have specific credentialing requirements, too, such as a #qsa for #pcidss.
This post explains a bit about the CPA requirement for SOC reports. It's written more accessibly than the official AICPA information, IMHO.
https://linfordco.com/blog/who-can-perform-soc-audit/
You don't need to be a CPA or QSA for every type of auditing role, and there are certainly ways that other technical and security experts can be involved in auditing. Maybe you need to look for internal audit roles that aren't related to financial systems, but that's just an educated guess.
Good luck in your job search!