-
Mar 4, 2012
PA-DSS requires vendors to ensure that the chain of trust is maintained for all installation and update files. The relevant requirements are primarily laid out in 7.2.a – 7.2.e of PA-DSS 2. What this means is that customers should be able to verify that the files they install or update are actually from you (authentication) and that they have not been modified (integrity).
Continue reading "Chain of trust for installation & update files" »
-
Aug 15, 2011
PA-DSS (Payment Application Data Security Standard) requirement 7.2 talks about having a process to deliver patches and updates in a secure manner with a known chain of trust.
Continue reading "Why Chain-of-Trust is important when applying software updates" »
-
Jun 13, 2011
I came across a piece of data that is most interesting. LAMP-based websites seem to be the most hacked. While it is not surprising, given the popularity of the LAMP stack, it is deeply concerning.
Continue reading "Most hacked environment – Interesting survey results" »

