Payment Card Assessments

  • A SOC-like Approach to PCI: PCI DSS v4.0

    A SOC-like Approach to PCI: PCI DSS v4.0

    The 2019 PCI North America Community Meeting was held in beautiful Vancouver, British Columbia, Canada. The conference provided takeaways for PCI standards plus sneak peeks info PCI DSS v40.

    Read Article
  • Changes Coming to PCI DSS in Version 4.0

    Changes Coming to PCI DSS in Version 4.0

    The PCI SSC is preparing to issue a draft version of PCI DSS v4.0. It was apparent early in the presentation that the update to the PCI DSS is going to be the largest change since v3.0 in 2013.

    Read Article
  • Valuable PCI Compliance Tips: Our Response

    Valuable PCI Compliance Tips: Our Response

    Security Boulevard recently published a list of valuable PCI DSS compliance tips which Schellman's team of QSAs reviewed and have offered insight and commentary on.

    Read Article
  • Schellman Becomes PCI Qualified PIN Assessor

    Schellman Becomes PCI Qualified PIN Assessor

    Schellman & Company has become a Qualified PIN Assessor (QPA) for the PCI PIN Security Program.

    Read Article
  • Introduction to the New PCI Software Security Framework49:11

    Introduction to the New PCI Software Security Framework

    Watch Video
  • Full Sail Ahead: Navigating PCI Compliance on Kubernetes - Part 1, Networking

    Full Sail Ahead: Navigating PCI Compliance on Kubernetes - Part 1, Networking

    Introduction Welcome! In the upcoming series of articles (this is Part 1), I’ll be discussing some things to consider if you want to use Kubernetes to host an application that is...

    Read Article
  • PCI in 3…2…1

    PCI in 3…2…1

    A fresh new release of the PCI SSC's flagship security standard PCI-DSS v 3.2.1

    Read Article
  • Schellman to Join PCI Global Executive Assessor Roundtable (GEAR)

    Schellman to Join PCI Global Executive Assessor Roundtable (GEAR)

    Schellman is pleased to announce that it will join the newly founded Global Executive Assessor Roundtable, the advisory group of senior executives at assessor companies for the payment...

    Read Article
  • Schellman Joins PCI 3DS Assessors

    Schellman Joins PCI 3DS Assessors

    Schellman & Company, LLC, a leading provider of attestation and compliance services, has become an assessor in the PCI Security Standards Council’s new 3-D Secure (3DS) program, and can...

    Read Article
  • Payment Security Insights

    Payment Security Insights

    There are some important PCI DSS deadlines coming up. Let’s start with the SSL/early TLS migration. Why is it important for organizations to migrate away from SSL/TLS?

    Read Article
  • Getting Ready for PCI47:29

    Getting Ready for PCI

    Watch Video
  • Getting started with your PCI DSS Charter

    Getting started with your PCI DSS Charter

    Well over a year ago, the PCI Standards Council announced, in addition to other requirements, that a PCI charter would now be required for service providers after January 31, 2018.  Few...

    Read Article
  • Segmentation Testing and PCI FAQs

    Segmentation Testing and PCI FAQs

    As a follow-up to the "What 2018 Means for Your PCI DSS Assessment" article I posted, a client of mine had a great question regarding the future date for the semi-annual segmentation...

    Read Article
  • What 2018 Means for Your PCI DSS Assessment

    What 2018 Means for Your PCI DSS Assessment

    Some of you may have just read the blog title and believe I made a typo on the year, but no, I am here to talk about PCI DSS in 2018. I know it seems crazy to be discussing 2018, as we...

    Read Article
  • What 2018 Means for Your PCI DSS Assessment

    What 2018 Means for Your PCI DSS Assessment

    Some of you may have just read the blog title and believe I made a typo on the year, but no, I am here to talk about PCI DSS in 2018. I know it seems crazy to be discussing 2018, as we...

    Read Article
  • Docker and PCI Compliance

    Docker and PCI Compliance

    Executive Summary Docker is an advanced framework for deploying applications--in particular, cloud applications.  It is notably different than working within traditional virtualization...

    Read Article
  • Understanding PCI PA-DSS: Security for Applications and for Organizations

    Understanding PCI PA-DSS: Security for Applications and for Organizations

    The Payment Application Data Security Standard (PA-DSS) has been an instrumental part of the PCI family of standards from nearly the beginning of the PCI SSC.

    Read Flipbook
  • Compliance as Code

    Compliance as Code

    Codifying Your Configuration Standards If you have already gone through a PCI DSS, SOC, HIPAA/HITECH, or ISO assessment, you already know that detailed configuration standards are a...

    Read Article
  • PCI SSC Releases Scoping and Segmentation Guidance

    PCI SSC Releases Scoping and Segmentation Guidance

    As we all were working hard, with holiday vacations and a new year in our reach, the PCI SSC released a guidance document that has been long awaited. The Guidance on Scoping and...

    Read Article
  • Determining Scope for PCI DSS Compliance1:00:53

    Determining Scope for PCI DSS Compliance

    Proper scoping remains perhaps the most critical component to successful PCI DSS compliance, and yet still proves challenging amongst organizations looking to comply with PCI DSS.

    Watch Video
  • loading
    Loading More...