Foregenix-Logo-Horizontal-Colour
Free Webscan

Cybersecurity Insights

Andrew McKenna

How to test centralised logging

26/01/21 12:15

Introduction

This post touches on the inter-relationship between operational monitoring, logging, and file integrity monitoring. These are pooled together within a single post to illustrate these controls working together as a security system. Any information security framework (e.g. NIST CSF, PCI, ISO27000) will require each of these to be in place.

Read More
Andrew McKenna

Software Security Framework (SSF) - Overview & FAQ

06/01/21 10:00

In 2020, the PCI SSC released the Software Security Framework. This post is a brief explanation of how the framework is structured, some key dates and pointers on how this will impact you, and how to prepare.

Read More
Flavio Bonfiglio Sorans

The PCI Software Security Framework (SSF) is taking off!

17/12/20 10:32

As previously anticipated during the PCI North America Community Meeting 2020, Mastercard has announced that the Software Security Framework (SSF) will be incorporated to their Site Data Protection (SDP) Program Standards in Q1 2021.

Read More
Andrew McKenna

Point-to-Point Encryption (P2PE) Overview

16/12/20 10:00

This is a post to provide an overview of P2PE solutions, attempting to initially provide a high-level intro while continuing to delve into some more detailed and technical elements. The intent is to provide an understanding of what a P2PE solution looks like, what it consists of, and to demonstrate how the various building blocks fit together.

Read More

SWIFT Customer Security Programme (CSP)

09/12/20 10:00

The SWIFT Network offers its users a myriad of services that continue to expand year after year. And, although it is often perceived ‘just’ as a messaging system, most of the world’s money traverses through its systems at some point. This makes SWIFT a clear target for cyber fraud attacks, and, whilst its applications, services, and systems have been designed with top security in mind, it’s not rare to see SWIFT-related incidents (involving millions of dollars each) pop up in the news from time to time.

Read More
Andrew McKenna

How to test centralised logging

26/01/21 12:15

Introduction

This post touches on the inter-relationship between operational monitoring, logging, and file integrity monitoring. These are pooled together within a single post to illustrate these controls working together as a security system. Any information security framework (e.g. NIST CSF, PCI, ISO27000) will require each of these to be in place.

Read More
Andrew McKenna

Software Security Framework (SSF) - Overview & FAQ

06/01/21 10:00

In 2020, the PCI SSC released the Software Security Framework. This post is a brief explanation of how the framework is structured, some key dates and pointers on how this will impact you, and how to prepare.

Read More
Flavio Bonfiglio Sorans

The PCI Software Security Framework (SSF) is taking off!

17/12/20 10:32

As previously anticipated during the PCI North America Community Meeting 2020, Mastercard has announced that the Software Security Framework (SSF) will be incorporated to their Site Data Protection (SDP) Program Standards in Q1 2021.

Read More
Andrew McKenna

Point-to-Point Encryption (P2PE) Overview

16/12/20 10:00

This is a post to provide an overview of P2PE solutions, attempting to initially provide a high-level intro while continuing to delve into some more detailed and technical elements. The intent is to provide an understanding of what a P2PE solution looks like, what it consists of, and to demonstrate how the various building blocks fit together.

Read More

SWIFT Customer Security Programme (CSP)

09/12/20 10:00

The SWIFT Network offers its users a myriad of services that continue to expand year after year. And, although it is often perceived ‘just’ as a messaging system, most of the world’s money traverses through its systems at some point. This makes SWIFT a clear target for cyber fraud attacks, and, whilst its applications, services, and systems have been designed with top security in mind, it’s not rare to see SWIFT-related incidents (involving millions of dollars each) pop up in the news from time to time.

Read More