What QSAs Are Saying About PCI DSS 4.0.1 and eSkimming Controls
by Source Defense On a recent Source Defense roundtable, seasoned QSAs gathered to discuss the latest PCI DSS 4.0.1 updates—specifically requirements 6.4.3 and 11.6.1—and how
Kick Starting PCI DSS 4.0
People who watched this webinar were also interested in
PCI DSS v4.0 6.4.3 and 11.6.1 Resources
The Payment Card Industry (PCI) has given serious thought to payment page guidance in DSS v4.0. New sections including 6.4.3 and 11.6.1 indicate the seriousness of this problem. These guidelines inform organizations of the necessity to make changes now. In this guide, we dive deep into PCI DSS v.4.0 and specifically:
- New guidance, PCI 6.4.3 and 11.6.1
- The solutions to addressing this new guidance
- The role of proprietary script or tag-management systems
- Why PCI made these updates in the first place
Other things you might be interested in
Client-Side Security Breach Alert: Blue Shield of California Exposes 4.7 Million Members’ Health Data Through Web Analytics Configuration
by Source Defense A recent incident at Blue Shield of California highlights the critical importance of client-side security controls when implementing third-party scripts on healthcare
CSP FY: A Magecart Attack That Dodges Policy—and Makes a Joke While Doing It
by Source Defense When attackers are clever enough to name their cookie “csp_f_y,” you know they’re not just exfiltrating data—they’re mocking your defenses. In a
Sophisticated Payment Card Skimming Campaign Conceals Itself by Leveraging Stripe API
by Source Defense A newly discovered payment card skimming campaign has emerged exhibiting a concerning level of sophistication and leveraging unique tactics that make detection
