The latest changes across all tracked PCI resources.
The PCI Data Security Standard (PCI DSS) includes several requirements in Requirement 6 and 11 that govern vulnerability management and reference related timeframes.
A new FAQ and related infographic …
There are several PCI DSS requirements that govern vulnerability management and reference related timeframes. These requirements are described under the general topics of 1) identifying and risk ranking vulnerabilities, and …
Service providers cannot use SAQ eligibility criteria to determine applicability of PCI DSS requirements for assessments documented in a Report on Compliance (ROC). The only acceptable SAQ for service providers …
This episode of Coffee with the Council is brought to you by our podcast sponsor, Feroot.
Welcome to our podcast series, Coffee with the Council. I'm Alicia …
The PCI Security Standards Council (PCI SSC) announced that it has launched its own PIN Listing Program. This Program brings an important security service listing to the community, representing another …
No, phishing-resistant authentication cannot be used without an additional authentication factor to meet Requirements 8.4.1 or 8.4.3 because of the increased risk with these types of access.
Use of …
Yes. Passkeys synced across devices (also called synced passkeys), implemented according to the FIDO2 requirements, are considered phishing-resistant authentication, and may be used as a single authentication factor in place …
