It was an auspicious week for us on the compliance front. After some significant work, we hit two milestone achievements...
First, our payment systems switching engine was awarded the VerAfied security mark by Veracode. There's an official announcement of this achievement in the works. I'll post that when it comes out.
Second, we concluded a very productive stretch of work with K3DES, our Payment Application (PA) QSA, culminating in a successful outcome of certification against the PA-DSS v1.2 standard.
That's all I'm going to say here - my colleague Dave Bergert has a feature piece in the works on these subjects. His credentials (CISSP, CISA, CPISM/A, and former QSA) give him a perspective on these matters that I can't begin to touch.
-------------------------
UPDATE - February 5, 2011: See my new post entitled VERAFIED by Veracode
Recent Comments