PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum  

Go Back   PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum > PA-DSS - Payment Application Data Security Standards > [PA-DSS] 7. Test payment applications to address vulnerabilities
Reload this Page [PA-DSS] 7.1 Software vendors must establish a process to identify newly discovered security vulnerabilities (e.g., subscribe to alert services freely available on the Internet) and to test their payment applications for vulnerabilities. Any underlying software or systems that are provided with or required by the payment application (e.g., web servers, 3rd-party libraries and programs) must be included in this process
Register FAQ Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 03-18-2007, 02:53 AM
admin
Guest
  
Posts: n/a
Default [PA-DSS] 7.1 Software vendors must establish a process to identify newly discovered security vulnerabilities (e.g., subscribe to alert services freely available on the Internet) and to test their payment applications for vulnerabilities. Any underlying software or systems that are provided with or required by the payment application (e.g., web servers, 3rd-party libraries and programs) must be included in this process
7.1 Software vendors must establish a process to identify newly discovered security vulnerabilities (e.g., subscribe to alert services freely available on the Internet) and to test their payment applications for vulnerabilities. Any underlying software or systems that are provided with or required by the payment application (e.g., web servers, 3rd-party libraries and programs) must be included in this process.

PCI Data Security Standard Requirement 6.2

Testing Procedures:

7.1.a Obtain and examine processes to identify new vulnerabilities and to test payment applications for new vulnerabilities. Verify the processes include:
  • Using outside sources for security vulnerability information
  • Testing of payment applications for new vulnerabilities
7.1.b Verify that processes to identify new vulnerabilities and implement corrections into payment application apply to all software provided with or required by the payment application (e.g., web servers, 3rd-party libraries and programs).
Reply With Quote
Reply

Bookmarks
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -4. The time now is 06:49 AM.

Contact Us - PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum - Archive - Top

All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest ©1997 - 2010 by PCIDSSFAQ.ORG, except where noted otherwise.
Powered by vBulletin, Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
PCI-DSS Forum  |  PA-DSS Forum