Stop Patching, for Stronger PCI Compliance

Adam Brand, Senior Manager - PCI QSA, Protiviti
Too many organizations have their administrators running on the Patching Wheel of Death. PCI DSS says all vendor critical patches must be installed within 30 days, right? Wrong. Looking more closely at the PCI standard shows that it actually mandates a risk-based approach to patching.

In this presentation, an experienced PCI QSA discusses how organizations that patch frequently and rely solely on vulnerability scanner or vendor recommendations are actually less PCI compliant. The time wasted on unnecessary patching could be better spent on more important ongoing compliance activities and long-term fixes. An alternative approach is presented, showing how applying even simple contextual criteria when evaluating patches (in accordance with PCI DSS recommendations) can eliminate over 50% of monthly patch installations.
Sep 12 2012
46 mins
  • Live at: Sep 12 2012 4:00 pm