Application Security
PCI DSS Session Timeout Requirements
PCI DSS requirement 8.1.8 requires the user to re-authenticate to reactivate the terminal or session if a session has been idle for more than 15 minutes.
Application Security
What Does PCI Compliant Software Development Mean for Developers
PCI compliant secure software applications must be developed in accordance with industry best practices to meet PCI DSS software requirements.
PCI DSS Requirement 6
What is XPATH Injection and How to Prevent It?
By deliberately sending malformed information to the application, the attacker can determine how XML data is structured or access data that would otherwise not be accessible.
PCI DSS Requirement 6
What is LDAP Injection and How to Prevent It?
LDAP Injection is an attack that is used to manipulate web-based apps that create user-input based LDAP expressions. When an application cannot correctly clear user login, it is possible to change LDAP statements using a Local Proxy.
PCI DSS Requirement 6
What is OS Command Injection and How to Prevent It?
OS Command Injection is a web vulnerability that could allow an attacker to execute commands from an arbitrary operating system (OS) on the server running an application, often endangering the application and all its information.
PCI DSS Requirement 6
What is SQL Injection and How to Prevent It?
SQL Injection is an attack method used to attack applications that are driven by databases. The attacker adds new SQL statements to the relevant field on the standard application screen, using SQL language features.
PCI DSS Requirement 6
What is Cross-Site Scripting (XSS) and How to Prevent It?
Cross-Site Scripting (XSS) is a vulnerability that occurs when the software does not pass the input received from the user through the necessary HTML and JavaScript filters.
Want to stay up to date with the latest news?
We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!