PCI/DSS: Data at Rest

Posted by jm04469 on Stack Overflow See other posts from Stack Overflow or by jm04469
Published on 2009-06-29T14:35:28Z Indexed on 2010/04/15 10:43 UTC
Read the original article Hit count: 358

Filed under:

pci-dss

|

owasp

|

security

|

cache

Would you consider the use of caching products in the category of data at rest?

© Stack Overflow or respective owner

Related posts about pci-dss

Options for PCI-DSS 11.5 - Deploy file integrity monitoring software

as seen on Server Fault - Search for 'Server Fault'
I'm looking for options to be compliant with PCI-DSS section 11.5 for some servers I manage at the datacenter. There are several servers (less than 20) and they are mostly CentOS5, but there are some RHEL4 and Solaris9 Sparc. I believe Tripwire, Inc. is the leader in this area, but I am looking for… >>> More
Wireless Activity Monitoring for PCI DSS Compliance

as seen on Super User - Search for 'Super User'
In an effort to be PCI DSS compliant, I took a trustkeeper.net questionnaire. I failed the question that asks Is the presence of wireless access points tested for by using a wireless analyzer at least quarterly or by deploying a wireless IDS/IPS to identify all wireless devices in use? (SAQ #11… >>> More
Oracle for PCI-DSS Security Webcast

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Thanks to everyone who attended the Oracle for PCI-DSS security webcast today. It was good to see how the products we talked about last week can be used to address the PCI standard requirements. A big thanks to Chris Pickett for presenting a great session and running us through a very cool demo showing… >>> More
Secure Delete PCI-DSS Windows Environment

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello, I have been reviewing a number of applications for securing deleting files. I understand the concepts of overwriting the file several times with zeros and random characters; however, I don't understand the concept of renaming the file up to thirty times before actually deleting the file. Any… >>> More
PCI/DSS: Data at Rest

as seen on Stack Overflow - Search for 'Stack Overflow'
Would you consider the use of caching products in the category of data at rest? >>> More

Related posts about owasp

OWASP Regex Repository: Is this regex correct?

as seen on Stack Overflow - Search for 'Stack Overflow'
I was looking at the regular expression for validating various data types from the (OWASP Regex Repository). One of the regular expressions in there is called safetext and looks like: ^[a-zA-Z0-9\s.\-]+$ My first question is: Is this regular expression correct? complementary question If this… >>> More
Interesting links week #24 and #25

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Below a list of interesting links that I found this week: Interaction: Design Usability and All About It Frontend: CSS Lint – CSS Cleaning Tool 10 HTML Entity Crimes You Really Shouldn’t Commit Development: OWASP Top 10 for .NET developers part 7: Insecure Cryptographic Storage… >>> More
How do you protect against specific CSRF attack

as seen on Stack Overflow - Search for 'Stack Overflow'
I am going trough the OWASP Top 10 list of 2007 and 2010. I stumbled upon Cross Site Request Forgery (CSRF) this is often called session riding as you let the user usee his session to fulfill your wishes. Now a solution to this is adding a token to every url and this token is checked for every link… >>> More
CSRF (Cross-site request forgery) attack example and prevention in PHP

as seen on Stack Overflow - Search for 'Stack Overflow'
I have an website where people can place a vote like this: http://mysite.com/vote/25 This will place a vote on item 25. I want to only make this available for registered users, and only if they want to do this. Now I know when someone is busy on the website, and someone gives them a link like this: http://mysite… >>> More
SQL Injection Protection for dynamic queries

as seen on Stack Overflow - Search for 'Stack Overflow'
The typical controls against SQL injection flaws are to use bind variables (cfqueryparam tag), validation of string data and to turn to stored procedures for the actual SQL layer. This is all fine and I agree, however what if the site is a legacy one and it features a lot of dynamic queries. Then… >>> More