PCIDSS.COM - PCI DSS Security Solutions Directory

Category: PCI DSS Requirement 6

Develop and Maintain Secure Systems and Software

Security flaws can be exploited by attackers to gain privileged access to systems. Vendor-provided security patches, which must be installed by the entities that manage the systems, are responsible for fixing many of these vulnerabilities. To safeguard against the exploitation and compromise of cardholder data by malicious individuals and their malicious software, all relevant software patches must be installed on all system components.

Software patches that have been sufficiently evaluated and tested to ensure that they do not conflict with existing security configurations are considered appropriate. Using secure coding methods and software lifecycle (SLC) processes for custom or bespoke software, numerous vulnerabilities can be avoided and thus mitigation of potential successful attacks.

PCI DSS assessments are also applicable to code repositories that store application code, system configurations, or other configuration data that may have an effect on the security of cardholder data or the CDE.

There is a special relationship between PCI DSS Requirement 6 and the PCI SSC Software Standards and these should be reviewed in tandem.

PCI Solution Provider

PeachFuzz

Peachfuzz web design is a company that can help you create a site that is perfect for your needs. We…

Read More

Rating
0 / 5
Views
615
PCI Solution Provider

Probely

Probely is a web vulnerability scanner for agile teams. It finds vulnerabilities or security issues in web applications & APIs…

Read More

Rating
0 / 5
Views
660
PCI Solution Provider

Sucuri

When your website is protected by the Sucuri Website Firewall, you already satisfy the #1 requirement for keeping your visitors…

Read More

Location
Headquarters, USA
Rating
0 / 5
Views
2454
PCI Solution Provider

FortiWeb

FortiWeb Web Application Firewalls provide specialized, layered web application threat protection for medium/large enterprises, application service providers, and SaaS providers.…

Read More

Location
Global PCI DSS Solutions
Rating
0 / 5
Views
3641
PCI Solution Provider

Imperva

Imperva SecureSphere Web Application Firewall analyzes all user access to your business-critical web applications and protects your applications and data…

Read More

PCI Solution Provider

W3AF

The free and open source security framework w3af may help budget-strapped organizations find and fix these vexing security holes. Use…

Read More

Location
Global PCI DSS Solutions
Rating
0 / 5
Views
2404
PCI Solution Provider

Acunetix

Acunetix Web Vulnerability Scanner helps you meet PCI requirements. Acunetix will check your web site and alert you to any…

Read More

PCI Solution Provider

HP WebInspect

WebInspect is a web application security assessment tool that helps identify known and unknown vulnerabilities within the Web application layer.…

Read More

Compare Add to favorites
PCI Solution Provider

IBM AppScan Enterprise and Core Security...

Scanning applications can provide a key component to the vulnerability management process by helping you to understand your organization’s potential…

Read More

Location
USA
Rating
0 / 5
Views
2644