Links for InfoSec World workshop

Okay, this isn’t a really valuable post.  The following links are core documents relevant to the PCI Security Standard.

Primary Site:

PCI-DSS version 1.2

Requirement 6.6 Information Supplement

<post workshop updates>

Okay, the group in our session was absolutely awesome, thanks to everyone that came out!  Three and a half hours for ANY topic, let alone a regulatory body (on a geek topic no less) is a marathon.  In attendance we had a couple of QSAs, some military folks discussing strategy, and even a couple people from a major payment brand. (seriously, I thought they were coming to clean my clock… 🙂

I mentioned I would follow up with some information and other links I mentioned in our workshop so here they are:

OWASP – Open Web Application Security Project

WASC – Web Application Security Consortium

Bidiblah – a tool from the team of rockstars at Sensepost

Also, we discussed PA-DSS deadlines, so I will point you to the Payment Application Security Mandates document over at the Visa site.  Here is an image that gives you a summary:


Visa's Payment Application Compliance Mandate

Visa's Payment Application Compliance Mandate


One Response to “Links for InfoSec World workshop”

  1. Rafal Los Says:

    Trey – I can’t believe you did what, 5 hours, for a PCI talk? That’s a tough subject to tackle to begin with, and I heard you did a masterful job… you are officially the PCI Guru.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: