Security Basics mailing list archives
PCI DSS
From: "security guy" <blokesecurity () googlemail com>
Date: Wed, 22 Aug 2007 17:21:37 +0100
From what I can see there seem to be some inconsistencies between the
PCI-DSS scanning guidelines and the cost of services offered by the ASVs. The testing process to become an ASV seems to require a certain degree of manual testing but there are plenty of companies offering deals such as £75 for the testing of entire host ranges. Are companies doing a full manual test on the assessment and then just chucking a load of automated scanners at the hosts the test commercially afterwards? Surely there's no way any test-house can manually test even a single hosts at that cost!
Current thread:
- PCI DSS security guy (Aug 22)
- RE: PCI DSS Craig Wright (Aug 23)
- <Possible follow-ups>
- Re: PCI DSS alistair . fletcher (Aug 23)
- Re: PCI DSS evilwon12 (Aug 23)
- FW: PCI DSS Craig Wright (Aug 23)