Blog

Securing Keys and Certificates: A PCI Auditor's Perspective

Businesses must ensure their key servers, certificate authorities, OpenSSL libraries, and server updates are secure.

2021 Cyber Security Year Review

Our 2021 security year in review and our predictions for what will be at the forefront of cybersecurity this year.

Fighting Phishing Email Scams: What You Should Know

Phishing Email Scams remain one of the top threats to companies.

Top 5 Blogs to Prepare for 2022

To help you focus your cybersecurity efforts, we've compiled our top 5 blogs to help you prepare for 2022.

Prepare and Train for Cybersecurity in 2021 With These 5 Blogs

How to prepare for cybersecurity in 2021. We outline the top five blogs to help you train employees, understand the threat landscape, avoid malware, and support compliance efforts as you head into 2021.

Different Types of Penetration Tests for Your Business Needs

What area of your business would benefit the most from a penetration test?

Increasing Satisfaction in PCI DSS Programs for Acquirers and ISOs

Learn why PCI DSS programs are beneficial to businesses and how to manage expectations around PCI programs.

Recap: SecurityMetrics’ 2020 Cybersecurity and Compliance Conference

From COVID-related challenges to firewall configuration to e-commerce web skimming, SecurityMetrics Cybersecurity Conference and Summit 2020 provided cybersecurity content and sessions for everyone in the data security and compliance industry.

2021 Data Breach Forensic Predictions and What Happened in 2020: Part 2

New cybersecurity threats were popping up rapidly going into 2020. We analyzed the trends and made predictions for the rest of the year.

Securing Healthcare Mobile Devices

Patient data is in jeopardy when mobile devices aren't secure.

Jen Stone: Principal Security Analyst

Jen Stone is a Principal Security Analyst for SecurityMetrics. In her 4 years at SecurityMetrics, she has completed over 100 security assessments that include PCI, HIPAA, CIS CSC (SANS Top 20) and 23 NYCRR 500.

SecurityMetrics COVID-19 Coronavirus Update

With the upheaval and uncertainty many are experiencing around the world during the COVID-19 pandemic, we are more committed than ever to our mission.

CVE-2020-5497 - MITREid Connect Cross-site Scripting

Here's the situation: I was performing a penetration test that integrated with MITREid Connect for authorization.

Matt Halbleib: Director of Assessments

Matt Halbleib holds QSA (Qualified Security Assessor), PA-QSA (Payment Application Qualified Security Assessor), and CISSP (Certified Information Systems Security Professional) certifications and, as a qualified assessor for the Payment Card Industry, has completed over 100 PCI DSS, PA-DSS and P2PE security assessments.

How a HIPAA Violation May Have Ruined a Football Star's Career

Hopefully this incident helps healthcare remember the fragility of patient data protection.

No Spreadsheets Needed: Manage HIPAA Compliance in SecurityMetrics’ Health Network Portal

Health organizations have been hit hard—the healthcare industry experienced 23.7% of total data breaches.

Top 5 PCI Blog Posts for SMBs

PCI for SMBs: as an SMB owner, your business size and card processing environment will ultimately determine which SAQ you need to follow.

PCI Council Releases PCI DSS 3.2.1: What You Need to Know

The Payment Card Industry Security Standards Council (PCI SSC) recently announced the release of PCI DSS 3.2.1.

WPA2 Security Flaw “KRACK” Puts Wi-Fi Devices at Risk

On October 16, 2017, the WPA2 vulnerability known as “KRACK” was made public.

One IT Professional’s Experience working with SecurityMetrics for their PCI 4.0 Audit

Read this blog, based on the podcast “PCI DSS 4.0: One Organization’s Experience,” to learn how Martin tackled common PCI challenges, found new solutions, and discovered that PCI doesn’t have to be a solitary effort.

How to Get the Most From Your Penetration Test (According to Real Ethical Hackers)

We asked two of our senior security experts—Garrett Adler (Senior Pen Tester) and Terrill Thorn (Director of Pen Testing)—to walk through how companies like yours can squeeze the absolute most value out of their pen test.

Top QSAs for Universities and Who To Choose [Unique Offerings, Pricing, Customer Testimonials]

Read to learn who the top QSAs are for higher education, what they do best, their pricing, what their customers are saying, and more.

What Problems do Universities Face When Choosing a PCI Partner?

While it’s challenging to compile an exhaustive list of potential problems universities face when selecting a PCI QSA, here are the top issues I’ve identified that universities commonly encounter.

PCI 101 for Universities: Your School’s Guide for Success

This blog post will guide you through the intricate world of PCI compliance in a university setting, drawing insights from industry experts.