home.social

#pcidss — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #pcidss, aggregated by home.social.

  1. Security isn’t a checkbox — it’s a commitment.
    RELIANOID’s latest 𝗣𝗖𝗜 𝗗𝗦𝗦 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 𝗦𝘁𝗮𝘁𝗲𝗺𝗲𝗻𝘁 shows exactly how that commitment translates into action.

    From network security to incident response, RELIANOID aligns with key PCI DSS requirements to help organizations operate confidently within or alongside the 𝗖𝗮𝗿𝗱𝗵𝗼𝗹𝗱𝗲𝗿 𝗗𝗮𝘁𝗮 𝗘𝗻𝘃𝗶𝗿𝗼𝗻𝗺𝗲𝗻𝘁 (𝗖𝗗𝗘).

    If PCI DSS matters to your business, this is worth your attention.

    👉 Dive into the full statement: relianoid.com/security-complia

  2. PCI DSS is a global security standard that applies to any fintech handling payment card data. It defines 12 requirements covering data protection, access control, network security, and vulnerability management.

    #Fintech #PCIDSS

  3. PCI DSS is a global security standard that applies to any fintech handling payment card data. It defines 12 requirements covering data protection, access control, network security, and vulnerability management.

    #Fintech #PCIDSS

  4. PCI DSS is a global security standard that applies to any fintech handling payment card data. It defines 12 requirements covering data protection, access control, network security, and vulnerability management.

    #Fintech #PCIDSS

  5. PCI DSS is a global security standard that applies to any fintech handling payment card data. It defines 12 requirements covering data protection, access control, network security, and vulnerability management.

    #Fintech #PCIDSS

  6. #banque #PCIDSS
    Les banques : "On veut pas de TOTP, parceque c'est pas un code lié à la transaction, alors on vous fourgue notre appli bancaire merdique connectée pour valider un paiement."

    Also les banques : "Le code de votre carte bancaire c'est 4 chiffres et ça change jamais. "

    :troll:

  7. #banque #PCIDSS
    Les banques : "On veut pas de TOTP, parceque c'est pas un code lié à la transaction, alors on vous fourgue notre appli bancaire merdique connectée pour valider un paiement."

    Also les banques : "Le code de votre carte bancaire c'est 4 chiffres et ça change jamais. "

    :troll:

  8. #banque #PCIDSS
    Les banques : "On veut pas de TOTP, parceque c'est pas un code lié à la transaction, alors on vous fourgue notre appli bancaire merdique connectée pour valider un paiement."

    Also les banques : "Le code de votre carte bancaire c'est 4 chiffres et ça change jamais. "

    :troll:

  9. #banque #PCIDSS
    Les banques : "On veut pas de TOTP, parceque c'est pas un code lié à la transaction, alors on vous fourgue notre appli bancaire merdique connectée pour valider un paiement."

    Also les banques : "Le code de votre carte bancaire c'est 4 chiffres et ça change jamais. "

    :troll:

  10. #banque #PCIDSS
    Les banques : "On veut pas de TOTP, parceque c'est pas un code lié à la transaction, alors on vous fourgue notre appli bancaire merdique connectée pour valider un paiement."

    Also les banques : "Le code de votre carte bancaire c'est 4 chiffres et ça change jamais. "

    :troll:

  11. 𝗚𝗼𝗼𝗴𝗹𝗲 𝗮𝗻𝗱 𝗬𝗮𝗵𝗼𝗼 𝗮𝗿𝗲 𝗿𝗲𝗷𝗲𝗰𝘁𝗶𝗻𝗴 𝘂𝗻𝗮𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗲𝗱 𝗲𝗺𝗮𝗶𝗹. 𝗜𝘀 𝘆𝗼𝘂𝗿𝘀 𝗻𝗲𝘅𝘁?

    Not filter. Reject.

    I scanned 5.5M domains.
    Only 30.4% have a DMARC record.
    Only 12.8% are at enforcement (p=quarantine or p=reject).

    That means 87% of domains are exposed. Check yours in 10 seconds.

    No signup required.
    dmarcguard.io/tools/dmarc-chec

    #DMARC #EmailSecurity #PCIDSS #EmailCompliance

  12. 𝗚𝗼𝗼𝗴𝗹𝗲 𝗮𝗻𝗱 𝗬𝗮𝗵𝗼𝗼 𝗮𝗿𝗲 𝗿𝗲𝗷𝗲𝗰𝘁𝗶𝗻𝗴 𝘂𝗻𝗮𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗲𝗱 𝗲𝗺𝗮𝗶𝗹. 𝗜𝘀 𝘆𝗼𝘂𝗿𝘀 𝗻𝗲𝘅𝘁?

    Not filter. Reject.

    I scanned 5.5M domains.
    Only 30.4% have a DMARC record.
    Only 12.8% are at enforcement (p=quarantine or p=reject).

    That means 87% of domains are exposed. Check yours in 10 seconds.

    No signup required.
    dmarcguard.io/tools/dmarc-chec

    #DMARC #EmailSecurity #PCIDSS #EmailCompliance

  13. 𝗚𝗼𝗼𝗴𝗹𝗲 𝗮𝗻𝗱 𝗬𝗮𝗵𝗼𝗼 𝗮𝗿𝗲 𝗿𝗲𝗷𝗲𝗰𝘁𝗶𝗻𝗴 𝘂𝗻𝗮𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗲𝗱 𝗲𝗺𝗮𝗶𝗹. 𝗜𝘀 𝘆𝗼𝘂𝗿𝘀 𝗻𝗲𝘅𝘁?

    Not filter. Reject.

    I scanned 5.5M domains.
    Only 30.4% have a DMARC record.
    Only 12.8% are at enforcement (p=quarantine or p=reject).

    That means 87% of domains are exposed. Check yours in 10 seconds.

    No signup required.
    dmarcguard.io/tools/dmarc-chec

    #DMARC #EmailSecurity #PCIDSS #EmailCompliance

  14. @xeraa Das Problem ist auch Graylog. Wir hängen an Graylog 6.0.14, weil das die letzte Version ist, die mit dem ELK 7.10 zusammenarbeitet. Für Graylog 6.1 braucht es dann eine sehr aufwende ELK / OpenSearch Migration und die bringt Probleme mit sich. Mein Kollege könnte da genaueres sagen .. aber es war etwas nicht triviales.

    Man hat sich dazu entschieden, die Speicherdauer auf 3 Monate zu reduzieren, da unser Syslog (rsyslog) das ganze Jahr speichert, um den #pcidss #auditor glücklich zu machen.

    Parallel wird geschaut, #victorialogs parallel laufen zu lassen, da der nur einen Bruchteil an Kapazität in Anspruch nimmt.

  15. @xeraa Das Problem ist auch Graylog. Wir hängen an Graylog 6.0.14, weil das die letzte Version ist, die mit dem ELK 7.10 zusammenarbeitet. Für Graylog 6.1 braucht es dann eine sehr aufwende ELK / OpenSearch Migration und die bringt Probleme mit sich. Mein Kollege könnte da genaueres sagen .. aber es war etwas nicht triviales.

    Man hat sich dazu entschieden, die Speicherdauer auf 3 Monate zu reduzieren, da unser Syslog (rsyslog) das ganze Jahr speichert, um den #pcidss #auditor glücklich zu machen.

    Parallel wird geschaut, #victorialogs parallel laufen zu lassen, da der nur einen Bruchteil an Kapazität in Anspruch nimmt.

  16. @xeraa Das Problem ist auch Graylog. Wir hängen an Graylog 6.0.14, weil das die letzte Version ist, die mit dem ELK 7.10 zusammenarbeitet. Für Graylog 6.1 braucht es dann eine sehr aufwende ELK / OpenSearch Migration und die bringt Probleme mit sich. Mein Kollege könnte da genaueres sagen .. aber es war etwas nicht triviales.

    Man hat sich dazu entschieden, die Speicherdauer auf 3 Monate zu reduzieren, da unser Syslog (rsyslog) das ganze Jahr speichert, um den #pcidss #auditor glücklich zu machen.

    Parallel wird geschaut, #victorialogs parallel laufen zu lassen, da der nur einen Bruchteil an Kapazität in Anspruch nimmt.

  17. @xeraa Das Problem ist auch Graylog. Wir hängen an Graylog 6.0.14, weil das die letzte Version ist, die mit dem ELK 7.10 zusammenarbeitet. Für Graylog 6.1 braucht es dann eine sehr aufwende ELK / OpenSearch Migration und die bringt Probleme mit sich. Mein Kollege könnte da genaueres sagen .. aber es war etwas nicht triviales.

    Man hat sich dazu entschieden, die Speicherdauer auf 3 Monate zu reduzieren, da unser Syslog (rsyslog) das ganze Jahr speichert, um den #pcidss #auditor glücklich zu machen.

    Parallel wird geschaut, #victorialogs parallel laufen zu lassen, da der nur einen Bruchteil an Kapazität in Anspruch nimmt.

  18. @xeraa Das Problem ist auch Graylog. Wir hängen an Graylog 6.0.14, weil das die letzte Version ist, die mit dem ELK 7.10 zusammenarbeitet. Für Graylog 6.1 braucht es dann eine sehr aufwende ELK / OpenSearch Migration und die bringt Probleme mit sich. Mein Kollege könnte da genaueres sagen .. aber es war etwas nicht triviales.

    Man hat sich dazu entschieden, die Speicherdauer auf 3 Monate zu reduzieren, da unser Syslog (rsyslog) das ganze Jahr speichert, um den #pcidss #auditor glücklich zu machen.

    Parallel wird geschaut, #victorialogs parallel laufen zu lassen, da der nur einen Bruchteil an Kapazität in Anspruch nimmt.

  19. GRC rarely feels like “governance, risk, and compliance” and more like alphabet soup with lawyers attached.

    I wrote up how I approach GRC as an Associate CCISO: one risk-based program mapped to HIPAA, PCI DSS, NIST CSF, FTC Safeguards, and NIS2 instead of five separate nightmares.

    🔗 kylereddoch.me/blog/grc-in-the

    #GRC #CyberSecurity #InfoSec #Compliance #HIPAA #PCIDSS #NISTCSF #NIS2

  20. GRC rarely feels like “governance, risk, and compliance” and more like alphabet soup with lawyers attached.

    I wrote up how I approach GRC as an Associate CCISO: one risk-based program mapped to HIPAA, PCI DSS, NIST CSF, FTC Safeguards, and NIS2 instead of five separate nightmares.

    🔗 kylereddoch.me/blog/grc-in-the

    #GRC #CyberSecurity #InfoSec #Compliance #HIPAA #PCIDSS #NISTCSF #NIS2

  21. GRC rarely feels like “governance, risk, and compliance” and more like alphabet soup with lawyers attached.

    I wrote up how I approach GRC as an Associate CCISO: one risk-based program mapped to HIPAA, PCI DSS, NIST CSF, FTC Safeguards, and NIS2 instead of five separate nightmares.

    🔗 kylereddoch.me/blog/grc-in-the

    #GRC #CyberSecurity #InfoSec #Compliance #HIPAA #PCIDSS #NISTCSF #NIS2

  22. GRC rarely feels like “governance, risk, and compliance” and more like alphabet soup with lawyers attached.

    I wrote up how I approach GRC as an Associate CCISO: one risk-based program mapped to HIPAA, PCI DSS, NIST CSF, FTC Safeguards, and NIS2 instead of five separate nightmares.

    🔗 kylereddoch.me/blog/grc-in-the

    #GRC #CyberSecurity #InfoSec #Compliance #HIPAA #PCIDSS #NISTCSF #NIS2

  23. GRC rarely feels like “governance, risk, and compliance” and more like alphabet soup with lawyers attached.

    I wrote up how I approach GRC as an Associate CCISO: one risk-based program mapped to HIPAA, PCI DSS, NIST CSF, FTC Safeguards, and NIS2 instead of five separate nightmares.

    🔗 kylereddoch.me/blog/grc-in-the

    #GRC #CyberSecurity #InfoSec #Compliance #HIPAA #PCIDSS #NISTCSF #NIS2

  24. Chase account tells me that #Animoto is storing my payment card information despite me closing the account. I reached out to them, and they confirmed my account has been closed. That is NOT why I contacted them. I contacted them because my card company believes they are still holding onto my payment information. I do not know how they know that, but apparently they do, and it shows on the security page at Chase. Chase says they cannot remove it and I must contact the merchant.

    #PCI #PCIDSS

  25. Chase account tells me that #Animoto is storing my payment card information despite me closing the account. I reached out to them, and they confirmed my account has been closed. That is NOT why I contacted them. I contacted them because my card company believes they are still holding onto my payment information. I do not know how they know that, but apparently they do, and it shows on the security page at Chase. Chase says they cannot remove it and I must contact the merchant.

    #PCI #PCIDSS

  26. Chase account tells me that #Animoto is storing my payment card information despite me closing the account. I reached out to them, and they confirmed my account has been closed. That is NOT why I contacted them. I contacted them because my card company believes they are still holding onto my payment information. I do not know how they know that, but apparently they do, and it shows on the security page at Chase. Chase says they cannot remove it and I must contact the merchant.

    #PCI #PCIDSS

  27. Chase account tells me that #Animoto is storing my payment card information despite me closing the account. I reached out to them, and they confirmed my account has been closed. That is NOT why I contacted them. I contacted them because my card company believes they are still holding onto my payment information. I do not know how they know that, but apparently they do, and it shows on the security page at Chase. Chase says they cannot remove it and I must contact the merchant.

    #PCI #PCIDSS

  28. Chase account tells me that #Animoto is storing my payment card information despite me closing the account. I reached out to them, and they confirmed my account has been closed. That is NOT why I contacted them. I contacted them because my card company believes they are still holding onto my payment information. I do not know how they know that, but apparently they do, and it shows on the security page at Chase. Chase says they cannot remove it and I must contact the merchant.

    #PCI #PCIDSS

  29. PCI DSS 4.0 represents a philosophical shift from point-in-time validation to continuous, risk-based assurance.

    Ready to operationalize compliance as a continuous practice?

    Join us today at 10am PT / 1pm ET for a joint session with ControlCase and PCI DSS author Branden R. Williams.

    In this webinar, we'll explore:

    > The new compliance paradigm: Understanding the intent behind PCI DSS 4.0 changes and what continuous assurance means for your operations.

    > Automation at scale: How to automate and scale assessment processes while maintaining control and visibility.

    > Infrastructure for compliance: Using the SecOps Cloud Platform as your central compliance data layer with built-in retention, auditability, and integration capabilities.

    > MSSP opportunities: How service providers can efficiently scale compliance services and create new revenue streams.

    Learn how to build compliance operations that support business growth and trust.

    Register now: limacharlie.wistia.com/live/ev

    #cybersecurity #pcidss #compliance #secops

  30. PCI DSS 4.0 represents a philosophical shift from point-in-time validation to continuous, risk-based assurance.

    Ready to operationalize compliance as a continuous practice?

    Join us today at 10am PT / 1pm ET for a joint session with ControlCase and PCI DSS author Branden R. Williams.

    In this webinar, we'll explore:

    > The new compliance paradigm: Understanding the intent behind PCI DSS 4.0 changes and what continuous assurance means for your operations.

    > Automation at scale: How to automate and scale assessment processes while maintaining control and visibility.

    > Infrastructure for compliance: Using the SecOps Cloud Platform as your central compliance data layer with built-in retention, auditability, and integration capabilities.

    > MSSP opportunities: How service providers can efficiently scale compliance services and create new revenue streams.

    Learn how to build compliance operations that support business growth and trust.

    Register now: limacharlie.wistia.com/live/ev

    #cybersecurity #pcidss #compliance #secops

  31. PCI DSS 4.0 represents a philosophical shift from point-in-time validation to continuous, risk-based assurance.

    Ready to operationalize compliance as a continuous practice?

    Join us today at 10am PT / 1pm ET for a joint session with ControlCase and PCI DSS author Branden R. Williams.

    In this webinar, we'll explore:

    > The new compliance paradigm: Understanding the intent behind PCI DSS 4.0 changes and what continuous assurance means for your operations.

    > Automation at scale: How to automate and scale assessment processes while maintaining control and visibility.

    > Infrastructure for compliance: Using the SecOps Cloud Platform as your central compliance data layer with built-in retention, auditability, and integration capabilities.

    > MSSP opportunities: How service providers can efficiently scale compliance services and create new revenue streams.

    Learn how to build compliance operations that support business growth and trust.

    Register now: limacharlie.wistia.com/live/ev

    #cybersecurity #pcidss #compliance #secops

  32. Two days until our PCI DSS 4.0 webinar with ControlCase and author Branden R. Williams.

    Wednesday, November 12th at 10am PT / 1pm ET.

    PCI DSS 4.0 is more than new requirements. It's a shift to continuous, risk-based security that creates opportunities for organizations that embrace it.

    We'll cover:

    > What's changed and why it matters
    > How to interpret the intent behind the requirements
    > Operationalizing continuous compliance
    > Creating competitive advantages through automated assessment and enforcement

    Designed for security engineers, compliance architects, and service providers building scalable compliance operations.

    Last chance to register: limacharlie.wistia.com/live/ev

    #cybersecurity #pcidss #compliance #secops

  33. Two days until our PCI DSS 4.0 webinar with ControlCase and author Branden R. Williams.

    Wednesday, November 12th at 10am PT / 1pm ET.

    PCI DSS 4.0 is more than new requirements. It's a shift to continuous, risk-based security that creates opportunities for organizations that embrace it.

    We'll cover:

    > What's changed and why it matters
    > How to interpret the intent behind the requirements
    > Operationalizing continuous compliance
    > Creating competitive advantages through automated assessment and enforcement

    Designed for security engineers, compliance architects, and service providers building scalable compliance operations.

    Last chance to register: limacharlie.wistia.com/live/ev

    #cybersecurity #pcidss #compliance #secops

  34. Two days until our PCI DSS 4.0 webinar with ControlCase and author Branden R. Williams.

    Wednesday, November 12th at 10am PT / 1pm ET.

    PCI DSS 4.0 is more than new requirements. It's a shift to continuous, risk-based security that creates opportunities for organizations that embrace it.

    We'll cover:

    > What's changed and why it matters
    > How to interpret the intent behind the requirements
    > Operationalizing continuous compliance
    > Creating competitive advantages through automated assessment and enforcement

    Designed for security engineers, compliance architects, and service providers building scalable compliance operations.

    Last chance to register: limacharlie.wistia.com/live/ev

    #cybersecurity #pcidss #compliance #secops

  35. PCI DSS 4.0 isn't just a compliance update. It's a fundamental shift to continuous, risk-based security.

    Join LimaCharlie, ControlCase, and author Branden R. Williams on Wednesday, November 12th at 10am PT to learn how to turn compliance from a burden into a competitive advantage.

    What you'll learn:

    > What's changed in PCI DSS 4.0 and why
    > How MSSPs can create new revenue opportunities through compliance as a service
    > Building continuous compliance operations with automated data collection and enforcement
    > Practical approaches to auditability, retention, and integration

    Register now: limacharlie.wistia.com/live/ev

    #cybersecurity #pcidss #compliance #secops

  36. PCI DSS 4.0 isn't just a compliance update. It's a fundamental shift to continuous, risk-based security.

    Join LimaCharlie, ControlCase, and author Branden R. Williams on Wednesday, November 12th at 10am PT to learn how to turn compliance from a burden into a competitive advantage.

    What you'll learn:

    > What's changed in PCI DSS 4.0 and why
    > How MSSPs can create new revenue opportunities through compliance as a service
    > Building continuous compliance operations with automated data collection and enforcement
    > Practical approaches to auditability, retention, and integration

    Register now: limacharlie.wistia.com/live/ev

    #cybersecurity #pcidss #compliance #secops

  37. PCI DSS 4.0 isn't just a compliance update. It's a fundamental shift to continuous, risk-based security.

    Join LimaCharlie, ControlCase, and author Branden R. Williams on Wednesday, November 12th at 10am PT to learn how to turn compliance from a burden into a competitive advantage.

    What you'll learn:

    > What's changed in PCI DSS 4.0 and why
    > How MSSPs can create new revenue opportunities through compliance as a service
    > Building continuous compliance operations with automated data collection and enforcement
    > Practical approaches to auditability, retention, and integration

    Register now: limacharlie.wistia.com/live/ev

    #cybersecurity #pcidss #compliance #secops

  38. Outpost24 launcht flexible Managed PCI-Compliance-Pakete, die ASV-Scans, Schwachstellenanalysen und Penetrationstests automatisiert und zentral steuerbar machen. IT-Teams profitieren von praxisnahem Reporting, schnelleren Audits und können tägliche Compliance-Aufgaben an zertifizierte PCI-Experten auslagern.
    #Aktuell #Anwendung #Security #Compliance #ManagedServices #PCIDSS #Security
    h...
    it-finanzmagazin.de/compliance

  39. Auch in der Firma geht es voran: Für #pcidss (4.x!!!!)sind die unangenehmen Fragen für uns durch. Nur noch Pakete schnüren und alles hochladen zzgl. gefixter Incidents (Icinga Checks für ClamAV Prozess) und dann abwarten. Die Entwickler haben etwas mehr zu tun.

    Und hab neues #logsystem fast schon komplett. #fluentbit wird #nxlog ersetzen. #victorialogs wird eine Weile parallel zum #Graylog laufen und die mangelnde Auth Fähigkeit von vmlog wird mittels #Nginx und #oauthproxy kompensiert. Es gibt auch ein schönes Ticket: Feature Request für fluentbit: Parameter für #yaml oder classic. Dann kann man nämlich fluent Config über Graylog ausrollen 😍

  40. Auch in der Firma geht es voran: Für #pcidss (4.x!!!!)sind die unangenehmen Fragen für uns durch. Nur noch Pakete schnüren und alles hochladen zzgl. gefixter Incidents (Icinga Checks für ClamAV Prozess) und dann abwarten. Die Entwickler haben etwas mehr zu tun.

    Und hab neues #logsystem fast schon komplett. #fluentbit wird #nxlog ersetzen. #victorialogs wird eine Weile parallel zum #Graylog laufen und die mangelnde Auth Fähigkeit von vmlog wird mittels #Nginx und #oauthproxy kompensiert. Es gibt auch ein schönes Ticket: Feature Request für fluentbit: Parameter für #yaml oder classic. Dann kann man nämlich fluent Config über Graylog ausrollen 😍

  41. Auch in der Firma geht es voran: Für #pcidss (4.x!!!!)sind die unangenehmen Fragen für uns durch. Nur noch Pakete schnüren und alles hochladen zzgl. gefixter Incidents (Icinga Checks für ClamAV Prozess) und dann abwarten. Die Entwickler haben etwas mehr zu tun.

    Und hab neues #logsystem fast schon komplett. #fluentbit wird #nxlog ersetzen. #victorialogs wird eine Weile parallel zum #Graylog laufen und die mangelnde Auth Fähigkeit von vmlog wird mittels #Nginx und #oauthproxy kompensiert. Es gibt auch ein schönes Ticket: Feature Request für fluentbit: Parameter für #yaml oder classic. Dann kann man nämlich fluent Config über Graylog ausrollen 😍

  42. Auch in der Firma geht es voran: Für #pcidss (4.x!!!!)sind die unangenehmen Fragen für uns durch. Nur noch Pakete schnüren und alles hochladen zzgl. gefixter Incidents (Icinga Checks für ClamAV Prozess) und dann abwarten. Die Entwickler haben etwas mehr zu tun.

    Und hab neues #logsystem fast schon komplett. #fluentbit wird #nxlog ersetzen. #victorialogs wird eine Weile parallel zum #Graylog laufen und die mangelnde Auth Fähigkeit von vmlog wird mittels #Nginx und #oauthproxy kompensiert. Es gibt auch ein schönes Ticket: Feature Request für fluentbit: Parameter für #yaml oder classic. Dann kann man nämlich fluent Config über Graylog ausrollen 😍

  43. VNPT Cloud: Bước nhảy vọt bảo mật, đạt chứng chỉ PCI DSS cao nhất toàn cầu!

    VNPT Cloud: Bước nhảy vọt bảo mật, đạt chứng chỉ PCI DSS cao nhất toàn cầu! #VNPTCloud #PCIDSS #BảoMậtThôngTin #AnToànDữLiệu #CôngNghệThôngTin #ChứngChỉQuốcTế #An ninh mạng #VNPT VNPT Cloud vừa ghi nhận một thành tựu đáng tự hào trong lĩnh vực an ninh mạng, đó là việc đạt được chứng chỉ bảo mật dữ liệu thanh toán quốc tế PCI DSS (Payment Card Industry Data Security Standard) ở cấp độ cao nhất.

    bietduoc.io.vn/2025/09/10/vnpt

  44. PCI DSS глазами архитектора: разбираем кейс передачи карточных данных в ДБО

    Привет, Хабр! В этой статье я приоткрою вам самое священное место в любом финтех учреждении - обработку данных платежных систем и особенности работы с CDE сегментом. Вопрос о безопасной передаче карточных данных часто возникает на собеседованиях для архитекторов и senior аналитиков, и он будет полезен не только тем, кто напрямую занимается подобными задачами, но и разработчикам, специалистам по информационной безопасности, а также менеджерам продуктов в финтехе.

    habr.com/ru/companies/otpbank/

    #финтех #финтехпроекты #pcidss #интеграции #интеграции_сервисов #отп_банк #архитектура #архитектура_приложений #информационная_безопасность

  45. PCI DSS глазами архитектора: разбираем кейс передачи карточных данных в ДБО

    Привет, Хабр! В этой статье я приоткрою вам самое священное место в любом финтех учреждении - обработку данных платежных систем и особенности работы с CDE сегментом. Вопрос о безопасной передаче карточных данных часто возникает на собеседованиях для архитекторов и senior аналитиков, и он будет полезен не только тем, кто напрямую занимается подобными задачами, но и разработчикам, специалистам по информационной безопасности, а также менеджерам продуктов в финтехе.

    habr.com/ru/companies/otpbank/

    #финтех #финтехпроекты #pcidss #интеграции #интеграции_сервисов #отп_банк #архитектура #архитектура_приложений #информационная_безопасность