| Publisher | PCI Security Standards Council | ||
|---|---|---|---|
| Format | 146.8KB PDF | Date added | 15 Apr 2008 |
| Topics | Firewalls, Network Security, Security Standards | ||

The intent of Requirement 6.6 is to ensure web applications exposed to the public Internet are protected against the most common types of malicious input. There is a great deal of public information available regarding web application vulnerabilities. The minimum vulnerabilities to consider are described in Requirement 6.5. Proper implementation of both options would provide the best multi-layered defense. PCI SSC recognizes that the cost and operational complexity of deploying both options may not be feasible. Further, one or the other option may not be possible in some situations (no access to source code, for example).