HOME > SECURITY RESOURCES > PODCAST ABSTRACT
PCI Requirement 6.6 Clarification
Hosted by: Sam Costello, Ounce Labs
Guests: Jack Danahy, Founder and Chief Technology Officer, Ounce Labs
Length: 6:47
Filesize: 3.1MB
A lack of clarity about how to interpret requirement 6.6 of the PCI Data Security Standard (PCI DSS) caused widespread confusion. This led to a clarification memo issued by the PCI Security Standards Council on April 15, 2008.
In this podcast, Jack Danahy, the founder and Chief Technology Officer of Ounce Labs, discusses how organizations can interpret the clarified Requirement 6.6. This includes approaching the 6.6 clarification as not mandating specific techniques, but rather suggesting a suite of tools that can help organizations comply with the new application-security requirements.
Learn About:
- The PCI Requirement 6.6 clarification
- The use of code review and application firewalling in application security.
- The relationship between PCI compliance and security, and why they’re not necessarily the same thing