PCI DSS 2.0 is sure to have an impact on 2011, so why not throw out some highlights to get you going. Thanks again to Dr. Chuvakin for his second contribution to EH-Net and hopefully not the last.

Permanent link:[Article]-PCI DSS 2.0 Fun Facts


Read the full article using the permanent link above, then please leave your feedback below.

Don

PS - The publilcation date and time for this article is 2011-01-01 01:01:11. All for you Anton!! 

Dr. Chuvakin, thanks for a good read.  Pointing out the changes in PCI DSS, and highlighting some of the key points are always helpful when bringing this information to customers, so it's always good when we can point them to a reference, such as this article, even if only to begin conversations.

I'm pleased with the increased definition of VM technologies, and separating the functionality across multiple VM's.  That definitely makes it easier to define roles of said systems, and tighten them down better, as well as helping to validate security on the same systems, without having to analyze multiple systems, per VM (from the customer's perspectives.)  As pentesters, we love to have multiple avenues to pursue, but in recommending remediation steps to customers, it gives us greater ability to justify ourselves.  And that is a welcome change within the specs.

Also, as Andew noted, it's nice to see more clarity on the IDS/IPS side, for many of the same reasons.

@Andrew - I agree, I hadn't noticed THAT much change, and was hoping the same, that I wasn't somehow missing something really, glaringly obvious.  Glad to see that isn't the case.