Home page logo
/

basics logo Security Basics mailing list archives

PCI DSS
From: "security guy" <blokesecurity () googlemail com>
Date: Wed, 22 Aug 2007 17:21:37 +0100

From what I can see there seem to be some inconsistencies between the
PCI-DSS scanning guidelines and the cost of services offered by the
ASVs. The testing process to become an ASV seems to require a certain
degree of manual testing but there are plenty of companies offering
deals such as £75 for the testing of entire host ranges. Are companies
doing a full manual test on the assessment and then just chucking a
load of automated scanners at the hosts the test commercially
afterwards? Surely there's no way any test-house can manually test
even a single hosts at that cost!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]