These library resources require an Ounce Labs ID. Log in or register.

Payment Card Industry (PCI) Data Security Standard and the Need for Software Assurance

The latest version of the PCI Data Security Standard, released in September 2006, requires organizations that store, process, or transmit credit card data to comply with their security requirements, including policies, processes and configuration of networks and systems. PCI Requirement 6 mandates the identification and remediation of security vulnerabilities within software, and articulates the importance of code analysis, for applications under development and in deployment.

This Ounce Security Brief details Requirement 6, "Develop and Maintain Secure Systems and Applications", which describes required processes and procedures for identifying security vulnerabilities in software, and the ways in which the Ounce solution can help to secure critical customer data.

« Back to Library