This week's introduction of the new PCI (Payment Card Industry) 3.0 standard, which makes it mandatory to conduct web penetration testing at least once a year, is a good thing for companies that want to maintain and ensure their PCI DSS compliance. However, while compliance is obligatory this enhanced standard shouldn't breed complacency – annual pen testing should be seen as a minimum, and pen testing itself is only capable of mitigating a specific range of threats.
- HIGH-TECH BRIDGE RESEARCH TEAM
- Industry News
- Posted On